LiveActive security incident?Get immediate response
CVE archive

June 2004

Browse CVE records published in June 2004, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 122 matching CVEs · Page 2 of 3.

Unknown · CVSS Not scored

CVE-2004-0542: PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local o...

PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function.

Published Jun 10, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0529: The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earli...

The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.

Published Jun 8, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0549: The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Interne...

The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object.

Published Jun 15, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0501: Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a...

Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a URL from a remote site via an HTML e-mail message containing a Vector Markup Language (VML) entity whose src parameter points to the remote site, which could allow remote attackers to know when a message has been read, verify valid e-mail addresses, and possibly leak other information.

Published Jun 3, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0503: Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script w...

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502.

Published Jun 3, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0461: The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not pro...

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.

Published Jun 24, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0460: Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13...

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.

Published Jun 24, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0490: cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-disca...

cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.

Published Jun 3, 2004 · Updated Aug 8, 2024