CVE List - 2004 / December
Showing 1 - 100 of 245 CVEs for December 2004 (Page 1 of 3)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2004-0949 | 2004-12-01 | The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba... |
| CVE-2004-0953 | 2004-12-01 | Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code... |
| CVE-2004-0996 | 2004-12-01 | main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2004-1008 | 2004-12-01 | Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to... |
| CVE-2004-1011 | 2004-12-01 | Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN... |
| CVE-2004-1012 | 2004-12-01 | The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated... |
| CVE-2004-1013 | 2004-12-01 | The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2)... |
| CVE-2004-1015 | 2004-12-01 | Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. |
| CVE-2004-1068 | 2004-12-01 | A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. |
| CVE-2004-1069 | 2004-12-01 | Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the... |
| CVE-2004-1070 | 2004-12-01 | The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the... |
| CVE-2004-1071 | 2004-12-01 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an... |
| CVE-2004-1072 | 2004-12-01 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause... |
| CVE-2004-1073 | 2004-12-01 | The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using... |
| CVE-2004-1074 | 2004-12-01 | The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. |
| CVE-2004-1075 | 2004-12-01 | Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which is not properly... |
| CVE-2004-1079 | 2004-12-01 | Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs 2.2.4, and possibly other versions, may allow local users to gain privileges via a long -T option. |
| CVE-2004-1080 | 2004-12-01 | The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary... |
| CVE-2004-1094 | 2004-12-01 | Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as... |
| CVE-2004-1095 | 2004-12-01 | Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote... |
| CVE-2004-1096 | 2004-12-01 | Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers... |
| CVE-2004-1097 | 2004-12-01 | Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute... |
| CVE-2004-1098 | 2004-12-01 | MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. |
| CVE-2004-1099 | 2004-12-01 | Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly... |
| CVE-2004-1100 | 2004-12-01 | Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the... |
| CVE-2004-1101 | 2004-12-01 | mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute... |
| CVE-2004-1102 | 2004-12-01 | MailPost 5.1.1sv, and possibly earlier versions, displays a different error message depending on whether the requested file exists or not, which allows remote attackers to gain sensitive information. |
| CVE-2004-1103 | 2004-12-01 | MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to gain sensitive information via the debug parameter, which reveals information such as the path to... |
| CVE-2004-1104 | 2004-12-01 | Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE... |
| CVE-2004-1105 | 2004-12-01 | Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. |
| CVE-2004-1106 | 2004-12-01 | Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php. |
| CVE-2004-1107 | 2004-12-01 | dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| CVE-2004-1108 | 2004-12-01 | qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory. |
| CVE-2004-1109 | 2004-12-01 | The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1)... |
| CVE-2004-1110 | 2004-12-01 | The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file. |
| CVE-2004-1111 | 2004-12-01 | Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which... |
| CVE-2004-1112 | 2004-12-01 | The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to... |
| CVE-2004-1113 | 2004-12-01 | SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses. |
| CVE-2004-1114 | 2004-12-01 | Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username,... |
| CVE-2004-1115 | 2004-12-01 | The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. |
| CVE-2004-1116 | 2004-12-01 | The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. |
| CVE-2004-1117 | 2004-12-01 | The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. |
| CVE-2004-1118 | 2004-12-01 | Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to... |
| CVE-2004-1119 | 2004-12-01 | Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. |
| CVE-2004-1120 | 2004-12-01 | Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via... |
| CVE-2004-0956 | 2004-12-05 | MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote. |
| CVE-2004-0987 | 2004-12-05 | Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code. |
| CVE-2004-1066 | 2004-12-05 | The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local... |
| CVE-2004-1123 | 2004-12-05 | Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null... |
| CVE-2004-1127 | 2004-12-05 | Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command. |
| CVE-2004-1128 | 2004-12-05 | Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename. |
| CVE-2004-1129 | 2004-12-05 | SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata... |
| CVE-2004-1130 | 2004-12-05 | Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or... |
| CVE-2004-0139 | 2004-12-08 | Unknown vulnerability in the bsd.a kernel networking for SGI IRIX 6.5.22 through 6.5.25, and possibly earlier versions, in which "t_unbind changes t_bind's behavior," has unknown impact and attack vectors. |
| CVE-2004-0770 | 2004-12-08 | romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM... |
| CVE-2004-1014 | 2004-12-08 | statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that... |
| CVE-2004-1018 | 2004-12-08 | Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value... |
| CVE-2004-1020 | 2004-12-08 | The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory... |
| CVE-2004-1063 | 2004-12-08 | PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside... |
| CVE-2004-1064 | 2004-12-08 | The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers... |
| CVE-2004-1076 | 2004-12-08 | Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. |
| CVE-2004-1133 | 2004-12-08 | Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remote attackers to inject arbitrary HTML and web script via (1) HTTP headers such as "Connection" or (2) invalid... |
| CVE-2004-1134 | 2004-12-08 | Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string. |
| CVE-2004-1135 | 2004-12-08 | Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR... |
| CVE-2004-1136 | 2004-12-08 | Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands. |
| CVE-2004-1151 | 2004-12-08 | Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges. |
| CVE-2004-0915 | 2004-12-10 | Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to... |
| CVE-2004-0993 | 2004-12-10 | Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code. |
| CVE-2004-1026 | 2004-12-10 | Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service... |
| CVE-2004-1067 | 2004-12-10 | Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. |
| CVE-2004-1122 | 2004-12-10 | Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other... |
| CVE-2004-1155 | 2004-12-10 | Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a... |
| CVE-2004-1156 | 2004-12-10 | Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but... |
| CVE-2004-1157 | 2004-12-10 | Opera 7.x up to 7.54, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is... |
| CVE-2004-1158 | 2004-12-10 | Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose... |
| CVE-2004-1160 | 2004-12-10 | Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known... |
| CVE-2004-1161 | 2004-12-10 | rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1)... |
| CVE-2004-1162 | 2004-12-10 | The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary... |
| CVE-2004-1163 | 2004-12-10 | Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (CPU consumption) by ending a connection after sending a... |
| CVE-2004-1164 | 2004-12-10 | The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence." |
| CVE-2004-1165 | 2004-12-10 | Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be... |
| CVE-2004-1166 | 2004-12-10 | CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the... |
| CVE-2004-1167 | 2004-12-10 | mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack. |
| CVE-2004-1168 | 2004-12-10 | Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header. |
| CVE-2004-1169 | 2004-12-10 | MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by... |
| CVE-2004-1170 | 2004-12-10 | a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. |
| CVE-2004-1171 | 2004-12-10 | KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext... |
| CVE-2004-0568 | 2004-12-15 | HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file,... |
| CVE-2004-0571 | 2004-12-15 | Microsoft Word for Windows 6.0 Converter does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by... |
| CVE-2004-0893 | 2004-12-15 | The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages... |
| CVE-2004-0894 | 2004-12-15 | LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed... |
| CVE-2004-0899 | 2004-12-15 | The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition, with DHCP logging enabled, does not properly validate the length of certain messages, which allows remote... |
| CVE-2004-0900 | 2004-12-15 | The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary... |
| CVE-2004-0901 | 2004-12-15 | Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf,... |
| CVE-2004-0914 | 2004-12-15 | Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter,... |
| CVE-2004-0994 | 2004-12-15 | Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as... |
| CVE-2004-1016 | 2004-12-15 | The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang)... |
| CVE-2004-1022 | 2004-12-15 | Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use symmetric encryption for user passwords, which allows attackers to decrypt the user database and obtain the passwords... |
| CVE-2004-1023 | 2004-12-15 | Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users... |
| CVE-2004-1025 | 2004-12-15 | Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and... |