CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2004

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2004-1771 Bypass 2004-11-30 2008-09-05
5.0
None Remote Low Not required Partial None None
Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users.
2 CVE-2004-1331 Bypass 2004-11-16 2008-09-05
2.6
None Remote High Not required None Partial None
The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command.
3 CVE-2004-1315 Exec Code 2004-11-12 2008-11-15
7.5
User Remote Low Not required Partial Partial Partial
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm.
4 CVE-2004-1121 2004-11-01 2008-09-05
5.0
None Remote Low Not required None Partial None
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
5 CVE-2004-0959 2004-11-03 2013-09-11
2.1
None Local Low Not required None Partial None
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.
6 CVE-2004-0958 2004-11-03 2010-08-21
5.0
None Remote Low Not required Partial None None
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
7 CVE-2004-0938 DoS 2004-11-03 2010-08-21
5.0
None Remote Low Not required None None Partial
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
8 CVE-2004-0920 DoS 2004-11-03 2008-09-05
5.0
None Remote Low Not required None None Partial
Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name.
9 CVE-2004-0911 DoS 2004-11-03 2008-09-05
5.0
None Remote Low Not required None None Partial
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554.
10 CVE-2004-0885 Bypass 2004-11-03 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration.
11 CVE-2004-0847 Bypass 2004-11-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability."
12 CVE-2004-0846 Exec Code 2004-11-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.
13 CVE-2004-0845 +Info 2004-11-03 2013-08-15
6.4
None Remote Low Not required Partial Partial None
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site.
14 CVE-2004-0844 2004-11-03 2008-09-10
5.0
None Remote Low Not required None Partial None
Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability."
15 CVE-2004-0843 2004-11-03 2008-09-10
5.0
None Remote Low Not required None Partial None
Internet Explorer 5.5 and 6 does not properly handle plug-in navigation, which allows remote attackers to alter displayed address bars and thereby spoof web pages, facilitating phishing attacks, aka the "Plug-in Navigation Address Bar Spoofing Vulnerability."
16 CVE-2004-0840 Exec Code 2004-11-03 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated.
17 CVE-2004-0837 DoS 2004-11-03 2008-09-10
2.6
None Remote High Not required None None Partial
MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
18 CVE-2004-0836 119 DoS Exec Code Overflow 2004-11-03 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
19 CVE-2004-0835 2004-11-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
20 CVE-2004-0832 DoS 2004-11-03 2010-08-21
5.0
None Remote Low Not required None None Partial
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
21 CVE-2004-0828 2004-11-03 2008-09-05
2.1
None Local Low Not required None Partial None
The ctstrtcasd program in RSCT 2.3.0.0 and earlier on IBM AIX 5.2 and 5.3 does not properly drop privileges before executing the -f option, which allows local users to modify or create arbitrary files.
22 CVE-2004-0815 Bypass 2004-11-03 2010-01-28
7.5
User Remote Low Not required Partial Partial Partial
The unix_clean_name function in Samba 2.2.x through 2.2.11, and 3.0.x before 3.0.2a, trims certain directory names down to absolute paths, which could allow remote attackers to bypass the specified share restrictions and read, write, or list arbitrary files via "/.////" style sequences in pathnames.
23 CVE-2004-0804 DoS 2004-11-03 2010-08-21
5.0
None Remote Low Not required None None Partial
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.
24 CVE-2004-0774 DoS 2004-11-03 2008-09-05
7.8
None Remote Low Not required None None Complete
RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to cause a denial of service (CPU and memory exhaustion) via a POST request with a Content-Length header set to -1.
25 CVE-2004-0771 Exec Code Overflow 2004-11-23 2011-02-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
26 CVE-2004-0744 DoS 2004-11-23 2008-09-10
5.0
None Remote Low Not required None None Partial
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
27 CVE-2004-0743 +Info 2004-11-23 2008-09-10
5.0
None Remote Low Not required Partial None None
Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak.
28 CVE-2004-0636 Exec Code Overflow 2004-11-23 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message.
29 CVE-2004-0599 DoS Overflow 2004-11-23 2010-08-21
5.0
None Remote Low Not required None None Partial
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
30 CVE-2004-0598 DoS 2004-11-23 2010-08-21
5.0
None Remote Low Not required None None Partial
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
31 CVE-2004-0597 Exec Code Overflow 2004-11-23 2013-07-21
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
32 CVE-2004-0575 Exec Code Overflow 2004-11-03 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.
33 CVE-2004-0574 Exec Code Overflow 2004-11-03 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
34 CVE-2004-0572 Exec Code Overflow 2004-11-03 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe.
35 CVE-2004-0569 DoS 2004-11-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper length values.
36 CVE-2004-0552 Exec Code Bypass 2004-11-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.
37 CVE-2004-0494 2004-11-23 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
38 CVE-2004-0415 2004-11-23 2010-08-21
2.1
None Local Low Not required Partial None None
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
39 CVE-2004-0361 DoS 2004-11-23 2008-09-05
5.0
None Remote Low Not required None None Partial
The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into that array.
40 CVE-2004-0360 +Priv 2004-11-23 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.
41 CVE-2004-0359 XSS 2004-11-23 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.
42 CVE-2004-0358 XSS 2004-11-23 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote attackers to execute arbitrary script as other users via (1) the mainnews parameter in admin.php, (2) the expand parameter in admin.php, (3) the id parameter in admin.php, (4) the catid parameter in admin.php, or (5) an unnamed parameter during the newslogo_upload action in admin.php.
43 CVE-2004-0357 Exec Code Overflow 2004-11-23 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.
44 CVE-2004-0356 Exec Code Overflow 2004-11-23 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.
45 CVE-2004-0355 2004-11-23 2008-09-05
5.0
None Remote Low Not required Partial None None
Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message.
46 CVE-2004-0354 Exec Code 2004-11-23 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c.
47 CVE-2004-0353 Overflow +Priv 2004-11-23 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string.
48 CVE-2004-0352 DoS 2004-11-23 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
49 CVE-2004-0351 2004-11-23 2008-09-05
2.1
None Local Low Not required Partial None None
Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.
50 CVE-2004-0350 2004-11-23 2008-09-05
2.1
None Local Low Not required Partial None None
SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring.
Total number of vulnerabilities : 172   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.