compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi.
Max CVSS
10.0
EPSS Score
1.42%
Published
2004-12-06
Updated
2008-09-05
Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors.
Max CVSS
10.0
EPSS Score
1.27%
Published
2004-03-29
Updated
2017-07-11
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.23%
Published
2004-05-04
Updated
2017-07-11
Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords.
Max CVSS
10.0
EPSS Score
0.23%
Published
2004-05-04
Updated
2017-07-11
Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.32%
Published
2004-05-04
Updated
2017-07-11
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Max CVSS
10.0
EPSS Score
31.19%
Published
2004-02-17
Updated
2018-10-12
Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.
Max CVSS
10.0
EPSS Score
42.90%
Published
2004-02-17
Updated
2018-10-12
Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.
Max CVSS
10.0
EPSS Score
1.65%
Published
2004-03-29
Updated
2017-07-11
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability."
Max CVSS
10.0
EPSS Score
16.66%
Published
2004-01-20
Updated
2021-07-23
SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name.
Max CVSS
10.0
EPSS Score
0.32%
Published
2004-08-18
Updated
2017-07-11
SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi.
Max CVSS
10.0
EPSS Score
0.32%
Published
2004-08-18
Updated
2017-07-11
Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.
Max CVSS
10.0
EPSS Score
62.97%
Published
2004-07-27
Updated
2024-02-02
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
Max CVSS
10.0
EPSS Score
0.58%
Published
2004-12-03
Updated
2017-07-11
The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function.
Max CVSS
10.0
EPSS Score
0.43%
Published
2004-03-03
Updated
2008-09-10
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.
Max CVSS
10.0
EPSS Score
89.06%
Published
2004-03-03
Updated
2017-07-11
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet.
Max CVSS
10.0
EPSS Score
5.97%
Published
2004-03-03
Updated
2017-10-10
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
Max CVSS
10.0
EPSS Score
3.31%
Published
2004-03-03
Updated
2017-10-11
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106.
Max CVSS
10.0
EPSS Score
12.05%
Published
2004-03-03
Updated
2017-10-11
Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.19%
Published
2004-12-31
Updated
2008-09-05
Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact.
Max CVSS
10.0
EPSS Score
0.31%
Published
2004-03-03
Updated
2008-09-10
Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Max CVSS
10.0
EPSS Score
22.53%
Published
2004-03-03
Updated
2017-10-11
Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification logging."
Max CVSS
10.0
EPSS Score
0.38%
Published
2004-03-15
Updated
2018-09-26
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
Max CVSS
10.0
EPSS Score
7.52%
Published
2004-03-15
Updated
2017-10-10
Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041.
Max CVSS
10.0
EPSS Score
1.71%
Published
2004-08-06
Updated
2019-04-30
Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
Max CVSS
10.0
EPSS Score
81.88%
Published
2004-11-03
Updated
2018-10-12
2451 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!