| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1401 |
CVE-2004-1360 |
|
|
|
2004-02-27 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. |
|
1402 |
CVE-2004-1359 |
|
|
Exec Code Overflow |
2004-03-04 |
2018-10-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. |
|
1403 |
CVE-2004-1358 |
|
|
|
2004-03-12 |
2017-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. |
|
1404 |
CVE-2004-1357 |
|
|
|
2004-04-07 |
2017-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities. |
|
1405 |
CVE-2004-1356 |
|
|
DoS |
2004-04-23 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. |
|
1406 |
CVE-2004-1355 |
|
|
DoS |
2004-04-26 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. |
|
1407 |
CVE-2004-1354 |
22 |
|
Dir. Trav. +Info |
2004-05-14 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. |
|
1408 |
CVE-2004-1353 |
|
|
Exec Code |
2004-10-19 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges. |
|
1409 |
CVE-2004-1352 |
|
|
Exec Code Overflow |
2004-12-01 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code. |
|
1410 |
CVE-2004-1351 |
|
|
Exec Code |
2004-12-07 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code. |
|
1411 |
CVE-2004-1350 |
|
|
Exec Code Overflow |
2004-10-30 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests. |
|
1412 |
CVE-2004-1349 |
|
|
|
2004-10-04 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. |
|
1413 |
CVE-2004-1348 |
|
|
DoS |
2004-09-06 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash). |
|
1414 |
CVE-2004-1347 |
|
|
DoS |
2004-08-10 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request. |
|
1415 |
CVE-2004-1346 |
|
|
DoS |
2004-06-19 |
2017-10-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM. |
|
1416 |
CVE-2004-1345 |
|
|
|
2004-06-21 |
2017-10-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access. |
|
1417 |
CVE-2004-1343 |
|
|
DoS |
2004-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash). |
|
1418 |
CVE-2004-1339 |
89 |
|
Exec Code Sql |
2004-12-23 |
2017-07-11 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters. |
|
1419 |
CVE-2004-1338 |
264 |
|
+Priv |
2004-12-23 |
2017-07-11 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, then performing a DELETE on the SDO_TXN_IDX_INSERTS table, which causes the SDO_CMT_CBK_TRIG trigger to execute the user-supplied functions. |
|
1420 |
CVE-2004-1337 |
|
|
+Priv |
2004-12-23 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. |
|
1421 |
CVE-2004-1336 |
|
|
|
2004-12-23 |
2017-07-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. |
|
1422 |
CVE-2004-1335 |
|
|
DoS |
2004-12-15 |
2017-10-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. |
|
1423 |
CVE-2004-1334 |
|
|
DoS Overflow |
2004-12-15 |
2017-07-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. |
|
1424 |
CVE-2004-1333 |
|
|
DoS Overflow |
2004-12-15 |
2018-10-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. |
|
1425 |
CVE-2004-1332 |
|
|
Exec Code Overflow |
2004-12-31 |
2017-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. |
|
1426 |
CVE-2004-1331 |
|
|
Bypass |
2004-11-16 |
2021-07-23 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command. |
|
1427 |
CVE-2004-1330 |
|
|
Exec Code Overflow |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. |
|
1428 |
CVE-2004-1329 |
|
|
Exec Code |
2004-12-20 |
2018-10-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program. |
|
1429 |
CVE-2004-1328 |
|
|
+Priv |
2004-12-31 |
2017-10-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. |
|
1430 |
CVE-2004-1327 |
|
|
Exec Code Overflow |
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension. |
|
1431 |
CVE-2004-1326 |
|
|
Exec Code Overflow |
2004-12-20 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter. |
|
1432 |
CVE-2004-1325 |
|
|
|
2004-12-18 |
2017-07-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system. |
|
1433 |
CVE-2004-1324 |
|
|
|
2004-12-18 |
2017-07-11 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer. |
|
1434 |
CVE-2004-1323 |
|
|
DoS |
2004-12-16 |
2017-07-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. |
|
1435 |
CVE-2004-1322 |
|
|
|
2004-12-15 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. |
|
1436 |
CVE-2004-1321 |
|
|
|
2004-12-15 |
2016-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access. |
|
1437 |
CVE-2004-1320 |
|
|
|
2004-12-15 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could allow remote attackers to gain unauthorized access. |
|
1438 |
CVE-2004-1319 |
|
|
|
2004-12-15 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the parent into the child using execScript, as demonstrated by "AbusiveParent" in Internet Explorer 6.0.2900.2180. |
|
1439 |
CVE-2004-1317 |
|
|
Exec Code Overflow |
2004-12-27 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command. |
|
1440 |
CVE-2004-1316 |
|
|
DoS Overflow |
2004-12-29 |
2018-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated. |
|
1441 |
CVE-2004-1315 |
|
|
Exec Code |
2004-11-12 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm. |
|
1442 |
CVE-2004-1307 |
|
|
Exec Code Overflow |
2004-12-21 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. |
|
1443 |
CVE-2004-1306 |
|
|
Exec Code Overflow |
2004-12-31 |
2019-04-30 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file. |
|
1444 |
CVE-2004-1305 |
|
|
DoS |
2004-12-23 |
2019-04-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. |
|
1445 |
CVE-2004-1296 |
|
|
|
2004-12-31 |
2017-07-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. |
|
1446 |
CVE-2004-1244 |
|
|
Exec Code |
2004-02-08 |
2018-10-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability." |
|
1447 |
CVE-2004-1236 |
|
|
Exec Code Overflow |
2004-12-31 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code. |
|
1448 |
CVE-2004-1234 |
|
|
DoS |
2004-12-31 |
2017-10-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL. |
|
1449 |
CVE-2004-1200 |
|
|
DoS |
2004-12-31 |
2017-07-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. |
|
1450 |
CVE-2004-1198 |
|
|
DoS |
2004-12-31 |
2021-07-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. |
