Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0397 | 1 Subversion | 1 Subversion | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command. | |||||
| CVE-2004-0399 | 1 University Of Cambridge | 1 Exim | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification. | |||||
| CVE-2004-0400 | 1 University Of Cambridge | 1 Exim | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check. | |||||
| CVE-2004-0401 | 1 Free Software Foundation Inc. | 1 Libtasn1 | 2017-07-10 | 10.0 HIGH | N/A |
| Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions. | |||||
| CVE-2004-0402 | 2 Mandrakesoft, Xpcd | 2 Mandrake Linux, Xpcd | 2017-07-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code. | |||||
| CVE-2004-0404 | 1 Psionic | 1 Logcheck | 2017-07-10 | 1.2 LOW | N/A |
| logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp. | |||||
| CVE-2004-0407 | 1 Macromedia | 1 Coldfusion | 2017-07-10 | 2.6 LOW | N/A |
| The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. | |||||
| CVE-2004-0408 | 1 Michael Bacarella | 1 Ident2 | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2017-07-10 | 5.0 MEDIUM | N/A |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | |||||
| CVE-2004-0413 | 2 Openpkg, Subversion | 2 Openpkg, Subversion | 2017-07-10 | 10.0 HIGH | N/A |
| libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow. | |||||
| CVE-2004-0422 | 1 Gnu | 1 Flim | 2017-07-10 | 2.1 LOW | N/A |
| flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. | |||||
| CVE-2004-0425 | 1 Netegrity | 1 Sideminder Affiliate Agent | 2017-07-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie. | |||||
| CVE-2004-0428 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact. | |||||
| CVE-2004-0429 | 1 Apple | 1 Mac Os X | 2017-07-10 | 10.0 HIGH | N/A |
| Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors. | |||||
| CVE-2004-0430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field. | |||||
| CVE-2004-0431 | 1 Apple | 1 Quicktime | 2017-07-10 | 5.1 MEDIUM | N/A |
| Integer overflow in Apple QuickTime (QuickTime.qts) before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow. | |||||
| CVE-2004-0432 | 3 Gentoo, Proftpd Project, Trustix | 3 Linux, Proftpd, Secure Linux | 2017-07-10 | 7.5 HIGH | N/A |
| ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. | |||||
| CVE-2004-0433 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2017-07-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets. | |||||
| CVE-2004-0435 | 1 Freebsd | 1 Freebsd | 2017-07-10 | 3.6 LOW | N/A |
| Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | |||||
| CVE-2004-0437 | 1 South River Technologies | 1 Titan Ftp Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket. | |||||