Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.
Max CVSS
7.2
EPSS Score
97.31%
Published
2004-08-31
Updated
2017-07-11
Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header.
Max CVSS
7.5
EPSS Score
21.37%
Published
2004-08-24
Updated
2017-07-11
Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
Max CVSS
5.0
EPSS Score
3.42%
Published
2004-08-24
Updated
2017-07-11
Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string.
Max CVSS
7.5
EPSS Score
11.71%
Published
2004-08-20
Updated
2017-07-11
Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
2.55%
Published
2004-08-20
Updated
2017-07-11
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
Max CVSS
10.0
EPSS Score
13.31%
Published
2004-08-09
Updated
2017-07-11
Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future.
Max CVSS
7.2
EPSS Score
0.06%
Published
2004-08-31
Updated
2017-07-11
Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST.
Max CVSS
5.0
EPSS Score
4.29%
Published
2004-08-29
Updated
2017-07-11
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
Max CVSS
9.0
EPSS Score
75.25%
Published
2004-08-04
Updated
2017-07-11
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
Max CVSS
9.8
EPSS Score
10.49%
Published
2004-08-04
Updated
2024-02-02
Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.
Max CVSS
10.0
EPSS Score
12.84%
Published
2004-08-18
Updated
2017-10-11
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
1.67%
Published
2004-08-18
Updated
2017-10-11
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
83.70%
Published
2004-08-18
Updated
2017-10-11
Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.
Max CVSS
10.0
EPSS Score
4.30%
Published
2004-08-06
Updated
2008-10-24
Off-by-one error in the POP3_readmsg function in popclient 3.0b6 allows remote attackers to cause a denial of service (application crash) via an e-mail message with a certain line length, which leads to a buffer overflow.
Max CVSS
7.5
EPSS Score
1.26%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name.
Max CVSS
10.0
EPSS Score
9.96%
Published
2004-08-06
Updated
2017-07-11
Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-07-11
Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.
Max CVSS
5.0
EPSS Score
0.19%
Published
2004-08-06
Updated
2020-06-18
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
2.54%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.
Max CVSS
10.0
EPSS Score
9.66%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command.
Max CVSS
10.0
EPSS Score
7.21%
Published
2004-08-18
Updated
2017-07-11
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters.
Max CVSS
7.5
EPSS Score
5.07%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash).
Max CVSS
5.0
EPSS Score
0.93%
Published
2004-08-06
Updated
2017-07-11

CVE-2004-0541

Public exploit
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
Max CVSS
10.0
EPSS Score
96.32%
Published
2004-08-06
Updated
2018-05-03
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-10-11
42 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!