Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.
Max CVSS
10.0
EPSS Score
4.17%
Published
2004-12-31
Updated
2017-10-19

CVE-2004-2111

Public exploit
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
Max CVSS
8.5
EPSS Score
97.24%
Published
2004-12-31
Updated
2020-07-28
Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL property inside an object tag.
Max CVSS
10.0
EPSS Score
3.58%
Published
2004-12-31
Updated
2017-07-11
Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.
Max CVSS
10.0
EPSS Score
20.98%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name.
Max CVSS
10.0
EPSS Score
7.78%
Published
2004-12-31
Updated
2017-07-11
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
Max CVSS
10.0
EPSS Score
13.31%
Published
2004-08-09
Updated
2017-07-11
Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.
Max CVSS
10.0
EPSS Score
8.18%
Published
2004-10-26
Updated
2017-07-11
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.
Max CVSS
9.0
EPSS Score
0.56%
Published
2004-10-23
Updated
2020-12-08
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
Max CVSS
9.0
EPSS Score
75.25%
Published
2004-08-04
Updated
2017-07-11
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
Max CVSS
9.8
EPSS Score
10.49%
Published
2004-08-04
Updated
2024-02-02
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
10.97%
Published
2004-12-31
Updated
2017-07-11
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
Max CVSS
10.0
EPSS Score
92.71%
Published
2004-12-31
Updated
2021-07-23
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
Max CVSS
10.0
EPSS Score
11.69%
Published
2004-12-31
Updated
2017-10-11
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
Max CVSS
10.0
EPSS Score
0.68%
Published
2004-11-03
Updated
2019-12-17
Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
Max CVSS
10.0
EPSS Score
2.13%
Published
2004-11-23
Updated
2017-10-11
Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.
Max CVSS
10.0
EPSS Score
12.84%
Published
2004-08-18
Updated
2017-10-11
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
1.67%
Published
2004-08-18
Updated
2017-10-11
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
83.70%
Published
2004-08-18
Updated
2017-10-11
Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.
Max CVSS
10.0
EPSS Score
4.30%
Published
2004-08-06
Updated
2008-10-24
Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name.
Max CVSS
10.0
EPSS Score
9.96%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
2.54%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in the WriteToLog function for JRun 3.0 through 4.0 web server connectors, such as (1) mod_jrun and (2) mod_jrun20 for Apache, with verbose logging enabled, allows remote attackers to execute arbitrary code via a long HTTP header Content-Type field or other fields.
Max CVSS
10.0
EPSS Score
8.23%
Published
2004-12-23
Updated
2017-07-11
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.
Max CVSS
10.0
EPSS Score
9.66%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument.
Max CVSS
8.5
EPSS Score
0.86%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-0636

Public exploit
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message.
Max CVSS
10.0
EPSS Score
91.90%
Published
2004-11-23
Updated
2017-07-11
74 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!