CVE List - 2004 / August
Showing 1 - 57 of 57 CVEs for August 2004 (Page 1 of 1)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2004-0722 | 2004-08-03 | Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. |
| CVE-2004-0757 | 2004-08-03 | Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary... |
| CVE-2004-0758 | 2004-08-03 | Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers... |
| CVE-2004-0759 | 2004-08-03 | Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag. |
| CVE-2004-0760 | 2004-08-03 | Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. |
| CVE-2004-0761 | 2004-08-03 | Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear... |
| CVE-2004-0762 | 2004-08-03 | Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. |
| CVE-2004-0763 | 2004-08-03 | Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method. |
| CVE-2004-0764 | 2004-08-03 | Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. |
| CVE-2004-0765 | 2004-08-03 | The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is... |
| CVE-2004-0766 | 2004-08-04 | NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2)... |
| CVE-2004-0767 | 2004-08-04 | NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2)... |
| CVE-2004-0769 | 2004-08-04 | Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option... |
| CVE-2004-0415 | 2004-08-05 | Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. |
| CVE-2004-0494 | 2004-08-05 | Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI. |
| CVE-2004-0597 | 2004-08-05 | Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function... |
| CVE-2004-0598 | 2004-08-05 | The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. |
| CVE-2004-0599 | 2004-08-05 | Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers... |
| CVE-2004-0771 | 2004-08-05 | Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than... |
| CVE-2004-0203 | 2004-08-12 | Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web... |
| CVE-2004-0636 | 2004-08-12 | Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away... |
| CVE-2004-0743 | 2004-08-12 | Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after... |
| CVE-2004-0744 | 2004-08-12 | The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending... |
| CVE-2004-0630 | 2004-08-14 | The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via... |
| CVE-2004-0631 | 2004-08-14 | Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute... |
| CVE-2004-0779 | 2004-08-14 | The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted... |
| CVE-2003-0105 | 2004-08-18 | ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS... |
| CVE-2003-0928 | 2004-08-18 | Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy. |
| CVE-2003-0929 | 2004-08-18 | Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy. |
| CVE-2003-0930 | 2004-08-18 | Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. |
| CVE-2003-0931 | 2004-08-18 | Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999. |
| CVE-2004-0163 | 2004-08-18 | Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing... |
| CVE-2004-0593 | 2004-08-18 | Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules. |
| CVE-2004-0629 | 2004-08-18 | Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a... |
| CVE-2004-0778 | 2004-08-18 | CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which... |
| CVE-2004-0792 | 2004-08-18 | Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. |
| CVE-2004-0408 | 2004-08-19 | Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code. |
| CVE-2004-0457 | 2004-08-19 | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary... |
| CVE-2004-0458 | 2004-08-19 | mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference. |
| CVE-2004-0689 | 2004-08-19 | KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. |
| CVE-2004-0755 | 2004-08-19 | The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions. |
| CVE-2004-0768 | 2004-08-19 | libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. |
| CVE-2004-0777 | 2004-08-19 | Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code. |
| CVE-2004-0794 | 2004-08-19 | Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code. |
| CVE-2003-1049 | 2004-08-20 | IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. |
| CVE-2003-1050 | 2004-08-20 | Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. |
| CVE-2003-1051 | 2004-08-20 | Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3)... |
| CVE-2003-1052 | 2004-08-20 | IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. |
| CVE-2004-0795 | 2004-08-20 | DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. |
| CVE-2002-1583 | 2004-08-20 | Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor... |
| CVE-2004-0796 | 2004-08-24 | SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages. |
| CVE-2004-0691 | 2004-08-25 | Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute... |
| CVE-2004-0692 | 2004-08-25 | The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null... |
| CVE-2004-0693 | 2004-08-25 | The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null... |
| CVE-2004-0800 | 2004-08-25 | Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. |
| CVE-2004-0798 | 2004-08-27 | Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter. |
| CVE-1999-0718 | 2004-09-01 | IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key. |
| CVE-1999-1189 | 2004-09-01 | Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument... |
| CVE-1999-1199 | 2004-09-01 | Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the... |
| CVE-1999-1201 | 2004-09-01 | Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via... |
| CVE-1999-1217 | 2004-09-01 | The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly... |
| CVE-1999-1365 | 2004-09-01 | Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to... |
| CVE-1999-1397 | 2004-09-01 | Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical... |
| CVE-1999-1486 | 2004-09-01 | sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-1999-1520 | 2004-09-01 | A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information. |
| CVE-1999-1537 | 2004-09-01 | IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL... |
| CVE-1999-1556 | 2004-09-01 | Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to... |
| CVE-1999-1568 | 2004-09-01 | Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command. |
| CVE-2000-0247 | 2004-09-01 | Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges. |
| CVE-2000-0747 | 2004-09-01 | The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it. |
| CVE-2000-0773 | 2004-09-01 | Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack. |
| CVE-2000-0781 | 2004-09-01 | uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local... |
| CVE-2000-0797 | 2004-09-01 | Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option. |
| CVE-2000-0894 | 2004-09-01 | HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service... |
| CVE-2000-0895 | 2004-09-01 | Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request. |
| CVE-2000-1203 | 2004-09-01 | Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which... |
| CVE-2001-0042 | 2004-09-01 | PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences. |
| CVE-2001-0375 | 2004-09-01 | Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of... |
| CVE-2001-0423 | 2004-09-01 | Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. |
| CVE-2001-0485 | 2004-09-01 | Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option. |
| CVE-2001-0548 | 2004-09-01 | Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable. |
| CVE-2001-0612 | 2004-09-01 | McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. |
| CVE-2001-0643 | 2004-09-01 | Internet Explorer 5.5 does not display the Class ID (CLSID) when it is at the end of the file name, which could allow attackers to trick the user into executing... |
| CVE-2001-0741 | 2004-09-01 | Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets. |
| CVE-2001-0749 | 2004-09-01 | Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root. |
| CVE-2001-0792 | 2004-09-01 | Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname. |
| CVE-2001-0825 | 2004-09-01 | Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length... |
| CVE-2001-0837 | 2004-09-01 | DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3)... |
| CVE-2001-0902 | 2004-09-01 | Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. |
| CVE-2001-0907 | 2004-09-01 | Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to... |
| CVE-2001-0909 | 2004-09-01 | Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL. |
| CVE-2001-0914 | 2004-09-01 | Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking... |
| CVE-2001-0951 | 2004-09-01 | Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of... |
| CVE-2001-1029 | 2004-09-01 | libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the... |
| CVE-2001-1055 | 2004-09-01 | The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC... |
| CVE-2001-1066 | 2004-09-01 | ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-1069 | 2004-09-01 | libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. |
| CVE-2001-1081 | 2004-09-01 | Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are... |
| CVE-2001-1098 | 2004-09-01 | Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file. |
| CVE-2001-1103 | 2004-09-01 | FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. |