LiveActive security incident?Get immediate response
CVE archive

December 2004

Browse CVE records published in December 2004, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 298 matching CVEs · Page 1 of 6.

Unknown · CVSS Not scored

CVE-2004-2629: Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Mee...

Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a denial of service, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.

Published Dec 4, 2005 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2004-2610: mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a...

mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerability because there is not necessarily any common usage in which privilege boundaries are crossed. Typical usage would restrict write access to the configuration file.

Published Dec 4, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-2611: The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly inc...

The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities.

Published Dec 4, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-2613: Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and L...

Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408.

Published Dec 4, 2005 · Updated Aug 8, 2024