Latest CVE Feed
-
10.0
HIGHCVE-2004-0522
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2004-0591
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via (1) e-mail headers or (2) a message with a "message/delivery-sta... Read more
Affected Products : sqwebmail- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0649
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0554
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a ... Read more
Affected Products : linux_kernel enterprise_linux suse_linux modular_messaging_message_storage_server linux linux converged_communications_server intuity_audix s8300 s8500 +8 more products- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2004-0495
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.... Read more
Affected Products : linux_kernel enterprise_linux suse_linux modular_messaging_message_storage_server linux linux converged_communications_server intuity_audix s8300 s8500 +8 more products- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0212
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Exp... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2004-0589
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.... Read more
Affected Products : ios- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0201
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerabi... Read more
Affected Products : windows_2000 windows_2003_server windows_xp windows_98 windows_nt modular_messaging_message_storage_server windows_98se windows_me ip600_media_servers definity_one_media_server +1 more products- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0524
Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.... Read more
Affected Products : change_passwd- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2004-0660
Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.... Read more
Affected Products : cutenews- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-0215
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0645
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0204
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, an... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-0582
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.... Read more
Affected Products : webmin- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0460
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVE... Read more
Affected Products : suse_linux dhcpd mandrake_linux fedora_core dns_one_appliance suse_email_server suse_linux_admin-cd_for_firewall suse_linux_connectivity_server suse_linux_database_server suse_linux_firewall_cd +1 more products- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0413
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an int... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0659
Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name.... Read more
Affected Products : mplayer- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2004-0447
Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local ... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0535
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sour... Read more
Affected Products : linux_kernel suse_linux linux linux mandrake_linux mandrake_linux_corporate_server mandrake_multi_network_firewall secure_linux secure_community suse_email_server +7 more products- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2004-0581
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.... Read more
- Published: Aug. 06, 2004
- Modified: Apr. 03, 2025