CVE-2004-0011: Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
Published Sep 1, 2004 · Updated Aug 8, 2024
Browse CVE records published in September 2004, with severity, affected products, CWE, KEV, and source-backed vulnerability context.
Showing 12 of 162 matching CVEs · Page 4 of 4.
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
Published Sep 1, 2004 · Updated Aug 8, 2024
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.
Published Sep 1, 2004 · Updated Aug 8, 2024
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
Published Sep 24, 2004 · Updated Aug 8, 2024
SQL injection vulnerability in calendar.php for vBulletin Forum 2.3.x before 2.3.4 allows remote attackers to steal sensitive information via the eventid parameter.
Published Sep 1, 2004 · Updated Aug 8, 2024
Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user.
Published Sep 1, 2004 · Updated Aug 8, 2024
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.
Published Sep 24, 2004 · Updated Aug 8, 2024
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.
Published Sep 1, 2004 · Updated Aug 8, 2024
admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command.
Published Sep 1, 2004 · Updated Aug 8, 2024
PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php.
Published Sep 1, 2004 · Updated Aug 8, 2024
The libCheckSignature function in crypto-utils.lib for OpenCA 0.9.1.6 and earlier only compares the serial of the signer's certificate and the one in the database, which can cause OpenCA to incorrectly accept a signature if the certificate's chain is trusted by OpenCA's chain directory, allowing remote attackers to spoof requests from other users.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024