Redhat » Enterprise Linux : Security Vulnerabilities, CVEs, Published In 2004 (Denial of service)
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Max CVSS
7.5
EPSS Score
0.57%
Published
2004-11-23
Updated
2023-12-28
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
Max CVSS
7.5
EPSS Score
4.39%
Published
2004-09-16
Updated
2017-10-11
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Max CVSS
5.0
EPSS Score
0.26%
Published
2004-11-23
Updated
2021-11-08
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
Max CVSS
5.0
EPSS Score
1.25%
Published
2004-04-15
Updated
2017-10-10
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
0.25%
Published
2004-11-23
Updated
2024-02-15
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Max CVSS
5.0
EPSS Score
2.06%
Published
2004-08-18
Updated
2024-02-09
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
Max CVSS
5.0
EPSS Score
2.56%
Published
2004-12-06
Updated
2017-10-11
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
Max CVSS
5.0
EPSS Score
2.27%
Published
2004-12-06
Updated
2017-10-11
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
2.21%
Published
2004-12-06
Updated
2017-10-11
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
Max CVSS
5.0
EPSS Score
0.88%
Published
2004-09-16
Updated
2022-09-23
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
Max CVSS
5.0
EPSS Score
0.85%
Published
2004-12-15
Updated
2017-10-11
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
Max CVSS
5.0
EPSS Score
2.47%
Published
2004-12-15
Updated
2017-10-11
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
Max CVSS
5.0
EPSS Score
1.06%
Published
2004-10-18
Updated
2017-10-11
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Max CVSS
2.1
EPSS Score
0.05%
Published
2004-08-06
Updated
2017-10-11
14 vulnerabilities found