Unknown · CVSS Not scored
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote attackers to insert arbitrary HTML and script via e-mail messages.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Horde IMP 3.2.3 and earlier, before a "security fix," does not properly validate input, which allows remote attackers to execute arbitrary script as other users via script or HTML in an e-mail message, possibly triggering a cross-site scripting (XSS) vulnerability.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Published Jun 15, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via (1) the "%", "|", or ">" characters to the escapeshellcmd function, or (2) the "%" character to the escapeshellarg function.
Published Jun 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.
Published Jun 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
Published Jun 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash).
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object.
Published Jun 15, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
Published Jun 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
LVM for AIX 5.1 and 5.2 allows local users to overwrite arbitrary files via a symlink attack.
Published Jun 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls."
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a URL from a remote site via an HTML e-mail message containing a Vector Markup Language (VML) entity whose src parameter points to the remote site, which could allow remote attackers to know when a message has been read, verify valid e-mail addresses, and possibly leak other information.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files."
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups."
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
Published Jun 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
Published Jun 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 allows remote attackers to cause a denial of service (reboot or packet loss) via a long string containing Telnet escape characters to the Telnet port.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk.
Published Jun 3, 2004 · Updated Aug 8, 2024