LiveActive security incident?Get immediate response
CVE archive

March 2004

Browse CVE records published in March 2004, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 165 matching CVEs · Page 3 of 4.

Unknown · CVSS Not scored

CVE-2004-0238: Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitrary code...

Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitrary code in the client via a long HOME environment variable in the (1) load_cfg and (2) save_cfg functions; possibly allow remote attackers to execute arbitrary code via long strings to (3) the send_message function; and, in the server, via (4) the parse_command_line function.

Published Mar 18, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0220: isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packe...

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published Mar 25, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0271: Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote attackers to execute arbit...

Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote attackers to execute arbitrary web script as other users via (1) the sub_name parameter of dl_showall.asp, (2) the SendTo parameter in Personal Messages, (3) the HTTP_REFERER for down.asp, or (4) the image name of an Avatar in the register form.

Published Mar 18, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0278: Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Ca...

Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet that specifies the length of data to read and then sends a second TCP packet that contains less data than specified, which causes Ratbag to repeatedly check the socket for more data.

Published Mar 18, 2004 · Updated Aug 8, 2024