Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.67%
Published
2004-08-18
Updated
2017-07-11
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Max CVSS
10.0
EPSS Score
1.63%
Published
2004-08-06
Updated
2018-05-03
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
Max CVSS
7.5
EPSS Score
7.83%
Published
2004-09-28
Updated
2017-10-11
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
Max CVSS
7.1
EPSS Score
1.37%
Published
2004-12-31
Updated
2017-07-11
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
Max CVSS
6.4
EPSS Score
96.23%
Published
2004-08-06
Updated
2021-06-06
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
Max CVSS
5.0
EPSS Score
0.42%
Published
2004-08-18
Updated
2017-07-11
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
Max CVSS
5.0
EPSS Score
1.54%
Published
2004-12-06
Updated
2017-07-11
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
Max CVSS
5.0
EPSS Score
1.30%
Published
2004-12-06
Updated
2017-07-11
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
Max CVSS
5.0
EPSS Score
2.56%
Published
2004-12-06
Updated
2017-10-11
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
Max CVSS
5.0
EPSS Score
2.27%
Published
2004-12-06
Updated
2017-10-11
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
2.21%
Published
2004-12-06
Updated
2017-10-11
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
Max CVSS
5.0
EPSS Score
0.88%
Published
2004-09-16
Updated
2022-09-23
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Max CVSS
2.1
EPSS Score
0.05%
Published
2004-08-06
Updated
2017-10-11
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-05-02
Updated
2017-07-11
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!