| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
751 |
CVE-2004-0489 |
|
|
Exec Code |
2004-07-07 |
2017-07-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option. |
|
752 |
CVE-2004-0488 |
|
|
Exec Code Overflow |
2004-07-07 |
2021-06-06 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. |
|
753 |
CVE-2004-0487 |
|
|
DoS |
2004-08-18 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs. |
|
754 |
CVE-2004-0486 |
|
|
Exec Code Dir. Trav. |
2004-07-07 |
2017-07-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. |
|
755 |
CVE-2004-0480 |
|
|
Exec Code |
2004-12-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. |
|
756 |
CVE-2004-0477 |
|
|
Bypass |
2004-12-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass authentication via repeated attempts using any username and password. NOTE: this identifier was inadvertently re-used for another issue due to a typo; that issue was assigned CVE-2004-0447. This candidate is ONLY for the ADSL router bypass. |
|
757 |
CVE-2004-0470 |
|
|
|
2004-07-07 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not have a principal-name tag, which can remove intended access restrictions for the associated web application. |
|
758 |
CVE-2004-0469 |
|
|
Exec Code Overflow |
2004-07-07 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. |
|
759 |
CVE-2004-0461 |
|
|
DoS Exec Code Overflow |
2004-08-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. |
|
760 |
CVE-2004-0460 |
|
|
DoS Exec Code Overflow |
2004-08-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. |
|
761 |
CVE-2004-0456 |
|
|
Exec Code Overflow |
2004-12-06 |
2017-07-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. |
|
762 |
CVE-2004-0455 |
120 |
|
Exec Code Overflow |
2004-12-06 |
2020-12-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. |
|
763 |
CVE-2004-0454 |
|
|
Exec Code Overflow |
2004-12-06 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code. |
|
764 |
CVE-2004-0453 |
|
|
DoS Exec Code |
2004-08-06 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service (emulator crash) and possibly execute arbitrary code via format string specifiers in an output string. |
|
765 |
CVE-2004-0451 |
|
|
Exec Code |
2004-12-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog. |
|
766 |
CVE-2004-0450 |
|
|
Exec Code |
2004-08-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail. |
|
767 |
CVE-2004-0448 |
|
|
Exec Code |
2004-12-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages. |
|
768 |
CVE-2004-0447 |
|
|
DoS |
2004-08-06 |
2017-10-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. |
|
769 |
CVE-2004-0444 |
|
|
DoS Exec Code Overflow |
2004-07-07 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components. |
|
770 |
CVE-2004-0434 |
787 |
|
Exec Code Overflow |
2004-07-07 |
2020-11-16 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. |
|
771 |
CVE-2004-0433 |
|
|
DoS Exec Code Overflow |
2004-08-18 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets. |
|
772 |
CVE-2004-0432 |
|
|
Bypass |
2004-08-18 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. |
|
773 |
CVE-2004-0429 |
|
|
|
2004-12-31 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. |
|
774 |
CVE-2004-0425 |
|
|
Exec Code Overflow |
2004-08-18 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie. |
|
775 |
CVE-2004-0424 |
|
|
DoS Exec Code Overflow |
2004-07-07 |
2018-05-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. |
|
776 |
CVE-2004-0420 |
|
|
Exec Code |
2004-07-07 |
2021-07-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP. |
|
777 |
CVE-2004-0419 |
|
|
|
2004-08-18 |
2017-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. |
|
778 |
CVE-2004-0418 |
|
|
Exec Code |
2004-08-06 |
2018-05-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. |
|
779 |
CVE-2004-0416 |
119 |
|
Exec Code Overflow |
2004-08-06 |
2018-05-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. |
|
780 |
CVE-2004-0414 |
|
|
DoS Exec Code |
2004-08-06 |
2018-05-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. |
|
781 |
CVE-2004-0413 |
|
|
DoS Exec Code Overflow |
2004-08-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow. |
|
782 |
CVE-2004-0411 |
20 |
|
Exec Code |
2004-07-07 |
2022-02-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code. |
|
783 |
CVE-2004-0409 |
|
|
Exec Code Overflow |
2004-06-01 |
2017-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code. |
|
784 |
CVE-2004-0408 |
|
|
Exec Code Overflow |
2004-09-28 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code. |
|
785 |
CVE-2004-0401 |
|
|
|
2004-07-07 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions. |
|
786 |
CVE-2004-0400 |
|
|
DoS Exec Code Overflow |
2004-07-07 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check. |
|
787 |
CVE-2004-0399 |
|
|
DoS Exec Code Overflow |
2004-07-07 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification. |
|
788 |
CVE-2004-0398 |
787 |
|
Exec Code Overflow |
2004-07-07 |
2020-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. |
|
789 |
CVE-2004-0397 |
|
|
Exec Code Overflow |
2004-07-07 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command. |
|
790 |
CVE-2004-0396 |
|
|
Exec Code Overflow |
2004-06-14 |
2017-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines. |
|
791 |
CVE-2004-0395 |
|
|
Exec Code |
2004-12-06 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call. |
|
792 |
CVE-2004-0393 |
|
|
Exec Code |
2004-12-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function. |
|
793 |
CVE-2004-0391 |
|
|
|
2004-06-01 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration. |
|
794 |
CVE-2004-0390 |
|
|
|
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. |
|
795 |
CVE-2004-0389 |
|
|
DoS |
2004-06-01 |
2017-07-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests. |
|
796 |
CVE-2004-0386 |
|
|
Exec Code Overflow |
2004-05-04 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. |
|
797 |
CVE-2004-0385 |
|
|
Exec Code Overflow |
2004-06-01 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities." |
|
798 |
CVE-2004-0383 |
|
|
|
2004-05-04 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in Mail for Mac OS X 10.3.3 and 10.2.8, with unknown impact, related to "the handling of HTML-formatted email." |
|
799 |
CVE-2004-0382 |
|
|
|
2004-05-04 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting. |
|
800 |
CVE-2004-0380 |
|
|
Exec Code Bypass |
2004-05-04 |
2018-10-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." |
