High · CVSS 7.8
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
Published Sep 17, 2004 · Updated Jan 16, 2025
Unknown · CVSS Not scored
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
Published Sep 23, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message.
Published Sep 7, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416.
Published Sep 6, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure.
Published Sep 23, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.
Published Sep 14, 2006 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554.
Published Sep 28, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users.
Published Sep 14, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Published Sep 2, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
Published Sep 17, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to reference a malicious program.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability."
Published Sep 14, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2.
Published Sep 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
Published Sep 17, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."
Published Sep 14, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm".
Published Sep 17, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware (aka webdistro) 0.9.16.002 and earlier allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to the wiki module.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
Published Sep 17, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet.
Published Sep 2, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
Published Sep 2, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
Published Sep 28, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.
Published Sep 14, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
Published Sep 17, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service (application deadlock) via a certain sequence of operations.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
Published Sep 10, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
Published Sep 17, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter.
Published Sep 14, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
Published Sep 2, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The CFPlugIn in Core Foundation framework in Mac OS X allows user supplied libraries to be loaded, which could allow local users to gain privileges.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file.
Published Sep 14, 2004 · Updated Aug 8, 2024