CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2004

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2005-0190 Dir. Trav. Bypass 2004-09-29 2008-09-05
2.6
None Remote High Not required None Partial None
Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension.
2 CVE-2004-1699 DoS 2004-09-21 2008-09-05
5.0
None Remote Low Not required None None Partial
SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (web interface errors) via an invalid Skin parameter.
3 CVE-2004-1698 DoS 2004-09-24 2008-09-05
5.0
None Remote Low Not required None None Partial
The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash.
4 CVE-2004-1697 2004-09-21 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames.
5 CVE-2004-1696 DoS 2004-09-21 2008-09-05
5.0
None Remote Low Not required None None Partial
EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66.
6 CVE-2004-1695 Bypass 2004-09-20 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to bypass authentication for the remote administration feature via a URL that contains an extra leading / (slash).
7 CVE-2004-1694 2004-09-21 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access.
8 CVE-2004-1693 Exec Code File Inclusion 2004-09-18 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.
9 CVE-2004-1692 XSS 2004-09-18 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters.
10 CVE-2004-1691 DoS 2004-09-18 2008-09-05
5.0
None Remote Low Not required None None Partial
The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data.
11 CVE-2004-1690 XSS 2004-09-18 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers to execute arbitrary web script or HTML via the URL.
12 CVE-2004-1689 2004-09-16 2008-09-05
2.1
None Local Low Not required Partial None None
sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.
13 CVE-2004-1688 DoS 2004-09-16 2008-09-05
5.0
None Remote Low Not required None None Partial
Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103.
14 CVE-2004-1687 Http R.Spl. 2004-09-16 2008-09-05
5.0
None Remote Low Not required None Partial None
CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter.
15 CVE-2004-1686 Bypass 2004-09-15 2008-09-05
5.0
None Remote Low Not required None Partial None
Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin.
16 CVE-2004-1685 Bypass 2004-09-15 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages.
17 CVE-2004-1684 +Info 2004-09-13 2008-09-05
5.0
None Remote Low Not required Partial None None
Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network.
18 CVE-2004-1683 +Priv 2004-09-13 2008-09-05
3.7
User Local High Not required Partial Partial Partial
A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap.
19 CVE-2004-1680 DoS Overflow 2004-09-13 2008-09-05
5.0
None Remote Low Not required None None Partial
application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow.
20 CVE-2004-1678 Dir. Trav. 2004-09-13 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.
21 CVE-2004-1677 2004-09-12 2008-09-05
5.0
None Remote Low Not required Partial None None
pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message.
22 CVE-2004-1676 Exec Code Overflow 2004-09-12 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message.
23 CVE-2004-1675 20 DoS 2004-09-11 2010-04-28
5.0
None Remote Low Not required None None Partial
Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX.
24 CVE-2004-1670 Dir. Trav. 2004-09-10 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html.
25 CVE-2004-1669 XSS 2004-09-10 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter to search.html.
26 CVE-2004-1668 Exec Code Sql 2004-09-10 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters.
27 CVE-2004-1667 DoS 2004-09-09 2008-09-05
5.0
None Remote Low Not required None None Partial
Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response.
28 CVE-2004-1665 XSS 2004-09-05 2008-09-10
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter.
29 CVE-2004-1664 DoS Overflow 2004-09-05 2008-09-05
5.0
None Remote Low Not required None None Partial
Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection mechanism. NOTE: this issue might overlap CVE-2005-0430.
30 CVE-2004-1663 DoS 2004-09-04 2008-09-05
5.0
None Remote Low Not required None None Partial
Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets.
31 CVE-2004-1661 +Priv Bypass 2004-09-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1."
32 CVE-2004-1659 XSS 2004-09-02 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote attackers with Administrator, Editor, Journalist or Commenter privileges to inject arbitrary web script or HTML via the mod parameter.
33 CVE-2004-1658 Bypass 2004-09-02 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable.
34 CVE-2004-1657 XSS 2004-09-01 2008-09-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers.
35 CVE-2004-1656 Http R.Spl. 2004-09-01 2008-09-05
5.0
None Remote Low Not required None Partial None
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter.
36 CVE-2004-1655 XSS 2004-09-01 2008-09-10
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) CM_pid parameter in the comments module or (2) the subject or message fields in the notes module.
37 CVE-2004-1654 Exec Code Sql 2004-09-01 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute arbitrary SQL commands via cal_template.
38 CVE-2004-1604 2004-09-30 2008-09-05
5.0
None Remote Low Not required None Partial None
cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.
39 CVE-2004-1379 Exec Code Overflow 2004-09-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field.
40 CVE-2004-1378 DoS 2004-09-21 2008-09-05
5.0
None Remote Low Not required None None Partial
The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
41 CVE-2004-1372 Exec Code Overflow 2004-09-01 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.
42 CVE-2004-1348 DoS 2004-09-06 2008-09-10
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
43 CVE-2004-0905 Exec Code 2004-09-14 2010-08-21
4.6
User Local Low Not required Partial Partial Partial
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
44 CVE-2004-0872 2004-09-16 2008-09-05
5.0
None Remote Low Not required Partial None None
Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
45 CVE-2004-0871 2004-09-16 2008-09-05
5.0
None Remote Low Not required Partial None None
Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
46 CVE-2004-0870 2004-09-16 2008-09-05
5.0
None Remote Low Not required Partial None None
KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
47 CVE-2004-0869 2004-09-16 2008-09-05
5.0
None Remote Low Not required Partial None None
Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
48 CVE-2004-0866 2004-09-16 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
49 CVE-2004-0851 2004-09-08 2008-09-05
2.1
None Local Low Not required None Partial None
The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
50 CVE-2004-0838 2004-09-13 2008-09-05
2.1
None Local Low Not required Partial None None
Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive.
Total number of vulnerabilities : 90   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.