Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1302 | 1 Yamt | 1 Yamt | 2017-07-10 | 10.0 HIGH | N/A |
| The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote attackers to execute arbitrary commands via an MP3 file with double quotes in the Artist tag. | |||||
| CVE-2004-1303 | 1 Yanf | 1 Yanf | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in the get function in get.c for Yanf 0.4 allows remote malicious web servers to execute arbitrary code via crafted HTTP responses. | |||||
| CVE-2004-1304 | 3 File, Gentoo, Trustix | 3 File, Linux, Secure Linux | 2017-07-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. | |||||
| CVE-2004-1309 | 1 Mplayer | 1 Unix Mplayer | 2017-07-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap (BMP) file containing a large biClrUsed field. | |||||
| CVE-2004-1310 | 1 Mplayer | 1 Mplayer | 2017-07-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet. | |||||
| CVE-2004-1311 | 1 Mplayer | 1 Mplayer | 2017-07-10 | 10.0 HIGH | N/A |
| Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. | |||||
| CVE-2004-1313 | 1 Webroot Software | 1 My Firewall Plus | 2017-07-10 | 7.2 HIGH | N/A |
| The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before invoking help, which allows local users to gain privileges. | |||||
| CVE-2004-1314 | 1 Apple | 1 Safari | 2017-07-10 | 7.5 HIGH | N/A |
| Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122. | |||||
| CVE-2004-1315 | 1 Phpbb Group | 1 Phpbb | 2017-07-10 | 7.5 HIGH | N/A |
| viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm. | |||||
| CVE-2004-1317 | 1 Netcat | 1 Netcat | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command. | |||||
| CVE-2004-1318 | 1 Namazu | 1 Namazu | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized. | |||||
| CVE-2004-1320 | 1 Asante | 1 Fm2008 Managed Ethernet Switch | 2017-07-10 | 7.5 HIGH | N/A |
| Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could allow remote attackers to gain unauthorized access. | |||||
| CVE-2004-1322 | 1 Cisco | 1 Unity Server | 2017-07-10 | 7.5 HIGH | N/A |
| Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages. | |||||
| CVE-2004-1323 | 1 Netbsd | 1 Netbsd | 2017-07-10 | 2.1 LOW | N/A |
| Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions. | |||||
| CVE-2004-1324 | 1 Microsoft | 1 Windows Media Player | 2017-07-10 | 2.6 LOW | N/A |
| The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer. | |||||
| CVE-2004-1325 | 1 Microsoft | 1 Windows Media Player | 2017-07-10 | 5.0 MEDIUM | N/A |
| The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system. | |||||
| CVE-2004-1326 | 1 Ultrix | 1 Dxterm | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter. | |||||
| CVE-2004-1327 | 1 Crystal Art Software | 1 Crystal Ftp | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension. | |||||
| CVE-2004-1330 | 1 Ibm | 1 Aix | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username. | |||||
| CVE-2004-1334 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2017-07-10 | 2.1 LOW | N/A |
| Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. | |||||