PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.
Max CVSS
7.5
EPSS Score
40.36%
Published
2004-06-01
Updated
2017-07-11
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
Max CVSS
5.0
EPSS Score
29.65%
Published
2004-06-15
Updated
2008-09-05
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
Max CVSS
2.1
EPSS Score
0.09%
Published
2004-06-19
Updated
2017-10-11
Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
Max CVSS
7.2
EPSS Score
0.10%
Published
2004-06-21
Updated
2017-10-11
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
18.93%
Published
2004-06-01
Updated
2017-10-11
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish.
Max CVSS
2.6
EPSS Score
1.27%
Published
2004-06-01
Updated
2017-07-11
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
Max CVSS
5.0
EPSS Score
1.10%
Published
2004-06-01
Updated
2017-10-11
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
Max CVSS
5.0
EPSS Score
8.95%
Published
2004-06-01
Updated
2017-10-11
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
Max CVSS
7.5
EPSS Score
97.02%
Published
2004-06-14
Updated
2017-10-11
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.
Max CVSS
5.0
EPSS Score
1.19%
Published
2004-06-14
Updated
2017-07-11
Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration.
Max CVSS
10.0
EPSS Score
1.71%
Published
2004-06-01
Updated
2017-07-11
RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.
Max CVSS
7.8
EPSS Score
2.56%
Published
2004-06-01
Updated
2024-02-15
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
2.1
EPSS Score
0.05%
Published
2004-06-01
Updated
2019-12-17
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.
Max CVSS
5.1
EPSS Score
33.69%
Published
2004-06-01
Updated
2017-07-11
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."
Max CVSS
10.0
EPSS Score
12.36%
Published
2004-06-01
Updated
2017-07-11
Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute arbitrary code via a long query string.
Max CVSS
7.5
EPSS Score
2.58%
Published
2004-06-14
Updated
2017-07-11
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).
Max CVSS
5.1
EPSS Score
96.06%
Published
2004-06-14
Updated
2018-10-12
Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query.
Max CVSS
7.5
EPSS Score
10.02%
Published
2004-06-01
Updated
2018-10-12
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
Max CVSS
5.0
EPSS Score
0.22%
Published
2004-06-01
Updated
2008-09-05
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-06-01
Updated
2017-10-11
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Max CVSS
2.6
EPSS Score
0.92%
Published
2004-06-01
Updated
2018-05-03
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
Max CVSS
6.8
EPSS Score
0.61%
Published
2004-06-01
Updated
2020-10-13
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.
Max CVSS
2.1
EPSS Score
0.06%
Published
2004-06-01
Updated
2017-10-11
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.
Max CVSS
5.0
EPSS Score
0.83%
Published
2004-06-01
Updated
2017-10-11
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
Max CVSS
4.6
EPSS Score
0.06%
Published
2004-06-01
Updated
2017-07-11
52 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!