CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2004

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2004-2044 +Info 2004-06-01 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.
2 CVE-2004-1754 2004-06-15 2008-09-05
5.0
None Remote Low Not required None Partial None
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
3 CVE-2004-1346 DoS 2004-06-19 2008-09-10
2.1
None Local Low Not required None None Partial
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
4 CVE-2004-1345 2004-06-21 2010-08-21
7.2
Admin Local Low Not required Complete Complete Complete
Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
5 CVE-2004-0409 Exec Code Overflow 2004-06-01 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
6 CVE-2004-0407 DoS 2004-06-01 2008-09-05
2.6
None Remote High Not required None None Partial
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish.
7 CVE-2004-0405 2004-06-01 2010-08-21
5.0
None Remote Low Not required Partial None None
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
8 CVE-2004-0403 DoS 2004-06-01 2010-08-21
5.0
None Remote Low Not required None None Partial
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
9 CVE-2004-0396 Exec Code Overflow 2004-06-14 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
10 CVE-2004-0392 DoS 2004-06-14 2008-09-10
5.0
None Remote Low Not required None None Partial
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.
11 CVE-2004-0391 2004-06-01 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration.
12 CVE-2004-0389 DoS 2004-06-01 2008-09-10
7.8
None Remote Low Not required None None Complete
RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.
13 CVE-2004-0388 2004-06-01 2010-08-21
2.1
None Local Low Not required None Partial None
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
14 CVE-2004-0387 Exec Code Overflow 2004-06-01 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.
15 CVE-2004-0385 Exec Code Overflow 2004-06-01 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."
16 CVE-2004-0227 Exec Code Overflow 2004-06-14 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute arbitrary code via a long query string.
17 CVE-2004-0199 Exec Code 2004-06-14 2008-09-10
5.1
User Remote High Not required Partial Partial Partial
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm).
18 CVE-2004-0197 Exec Code Overflow 2004-06-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query.
19 CVE-2004-0182 DoS 2004-06-01 2008-09-05
5.0
None Remote Low Not required None None Partial
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
20 CVE-2004-0181 +Info 2004-06-01 2010-08-21
2.1
None Local Low Not required Partial None None
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.
21 CVE-2004-0180 2004-06-01 2010-08-21
2.6
None Remote High Not required None Partial None
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
22 CVE-2004-0179 Exec Code 2004-06-01 2010-08-21
5.1
User Remote High Not required Partial Partial Partial
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
23 CVE-2004-0178 DoS 2004-06-01 2010-08-21
2.1
None Local Low Not required None None Partial
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.
24 CVE-2004-0177 +Info 2004-06-01 2010-08-21
5.0
None Remote Low Not required Partial None None
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.
25 CVE-2004-0157 Exec Code 2004-06-01 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
26 CVE-2004-0156 DoS Exec Code 2004-06-01 2008-09-10
5.0
None Remote Low Not required None None Partial
Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code.
27 CVE-2004-0155 2004-06-01 2010-08-21
7.5
User Remote Low Not required Partial Partial Partial
The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.
28 CVE-2004-0154 DoS 2004-06-14 2010-08-21
5.0
None Remote Low Not required None None Partial
rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name.
29 CVE-2004-0133 +Info 2004-06-01 2008-09-10
2.1
None Local Low Not required Partial None None
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device.
30 CVE-2004-0124 2004-06-01 2008-09-10
2.6
None Remote High Not required Partial None None
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability."
31 CVE-2004-0123 119 DoS Exec Code Overflow 2004-06-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
32 CVE-2004-0120 DoS 2004-06-01 2008-09-10
5.0
None Remote Low Not required None None Partial
The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
33 CVE-2004-0119 DoS Exec Code 2004-06-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.
34 CVE-2004-0118 Exec Code 2004-06-01 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
35 CVE-2004-0117 Exec Code 2004-06-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code.
36 CVE-2004-0116 DoS 2004-06-01 2008-09-10
5.0
None Remote Low Not required None None Partial
An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field.
37 CVE-2004-0109 Exec Code Overflow 2004-06-01 2010-08-21
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
38 CVE-2004-0050 2004-06-14 2008-09-10
5.0
None Remote Low Not required Partial None None
Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others.
39 CVE-2004-0038 Exec Code 2004-06-14 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81.
40 CVE-2003-1041 Dir. Trav. 2004-06-14 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475.
41 CVE-2003-0910 Exec Code 2004-06-01 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
42 CVE-2003-0909 Exec Code 2004-06-01 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."
43 CVE-2003-0908 Exec Code 2004-06-01 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213.
44 CVE-2003-0907 Exec Code 2004-06-01 2008-09-10
5.1
User Remote High Not required Partial Partial Partial
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
45 CVE-2003-0906 Exec Code Overflow 2004-06-01 2008-09-10
7.6
Admin Remote High Not required Complete Complete Complete
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
46 CVE-2003-0807 DoS Overflow 2004-06-01 2008-09-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.
47 CVE-2003-0806 Exec Code Overflow 2004-06-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
48 CVE-2003-0719 Exec Code Overflow 2004-06-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
49 CVE-2003-0663 DoS 2004-06-01 2008-09-10
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.
50 CVE-2003-0533 Exec Code Overflow 2004-06-01 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Total number of vulnerabilities : 52   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.