Unknown · CVSS Not scored
X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.
Published Mar 18, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands.
Published Mar 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter.
Published Mar 18, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
Published Mar 25, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."
Published Mar 4, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
Published Mar 4, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges.
Published Mar 25, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames.
Published Mar 27, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c.
Published Mar 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Published Mar 18, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by triggering certain error messages.
Published Mar 27, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
Published Mar 4, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar."
Published Mar 4, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
Published Mar 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Published Mar 18, 2004 · Updated Aug 8, 2024