| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
74251 |
CVE-2004-0199 |
|
|
Exec Code |
2004-06-14 |
2018-10-12 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Help and Support Center in Microsoft Windows XP and Windows Server 2003 SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code, as demonstrated using certain hcp:// URLs that access the DVD Upgrade capability (dvdupgrd.htm). |
|
74252 |
CVE-2004-0192 |
|
|
XSS |
2004-03-15 |
2017-07-10 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. |
|
74253 |
CVE-2004-0191 |
|
|
XSS |
2004-03-15 |
2017-10-09 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. |
|
74254 |
CVE-2004-0184 |
|
|
DoS |
2004-05-04 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. |
|
74255 |
CVE-2004-0183 |
|
|
DoS |
2004-05-04 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. |
|
74256 |
CVE-2004-0182 |
|
|
DoS |
2004-06-01 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field. |
|
74257 |
CVE-2004-0181 |
|
|
+Info |
2004-06-01 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. |
|
74258 |
CVE-2004-0180 |
|
|
|
2004-06-01 |
2018-05-02 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. |
|
74259 |
CVE-2004-0179 |
|
|
Exec Code |
2004-06-01 |
2017-10-10 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. |
|
74260 |
CVE-2004-0178 |
|
|
DoS |
2004-06-01 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. |
|
74261 |
CVE-2004-0177 |
|
|
+Info |
2004-06-01 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device. |
|
74262 |
CVE-2004-0176 |
|
|
DoS Exec Code Overflow |
2004-05-04 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors. |
|
74263 |
CVE-2004-0175 |
22 |
|
Dir. Trav. |
2004-08-18 |
2017-10-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992. |
|
74264 |
CVE-2004-0174 |
|
|
DoS |
2004-05-04 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket." |
|
74265 |
CVE-2004-0173 |
|
|
Dir. Trav. |
2004-04-15 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences. |
|
74266 |
CVE-2004-0171 |
|
|
DoS |
2004-03-15 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. |
|
74267 |
CVE-2004-0169 |
|
|
DoS |
2004-03-15 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function. |
|
74268 |
CVE-2004-0166 |
|
|
|
2004-03-15 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Unknown vulnerability in Safari web browser for Mac OS X 10.2.8 related to "the display of URLs in the status bar." |
|
74269 |
CVE-2004-0165 |
|
|
+Priv |
2004-03-15 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. |
|
74270 |
CVE-2004-0164 |
|
|
|
2004-03-03 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c. |
|
74271 |
CVE-2004-0163 |
|
|
DoS |
2004-09-28 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session and repeatedly replaying the session. |
|
74272 |
CVE-2004-0158 |
|
|
Overflow +Priv |
2004-03-29 |
2017-07-10 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c. |
|
74273 |
CVE-2004-0157 |
|
|
Exec Code |
2004-06-01 |
2017-07-10 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program. |
|
74274 |
CVE-2004-0156 |
|
|
DoS Exec Code |
2004-06-01 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code. |
|
74275 |
CVE-2004-0154 |
|
|
DoS |
2004-06-14 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
rpc.mountd in nfs-utils after 1.0.3 and before 1.0.6 allows attackers to cause a denial of service (crash) via an NFS mount of a directory from a client whose reverse DNS lookup name is different from the forward lookup name. |
|
74276 |
CVE-2004-0149 |
|
|
Overflow +Priv |
2004-05-04 |
2017-07-10 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges. |
|
74277 |
CVE-2004-0143 |
|
|
DoS Overflow |
2004-03-03 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote attackers to cause a denial of service (reset) via malformed Bluetooth OBject EXchange (OBEX) messages, probably triggering buffer overflows. |
|
74278 |
CVE-2004-0138 |
|
|
DoS |
2004-12-31 |
2017-10-10 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped. |
|
74279 |
CVE-2004-0137 |
|
|
DoS |
2004-08-06 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues." |
|
74280 |
CVE-2004-0136 |
|
|
DoS |
2004-08-06 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary." |
|
74281 |
CVE-2004-0133 |
|
|
+Info |
2004-06-01 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device. |
|
74282 |
CVE-2004-0131 |
|
|
DoS |
2004-03-03 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. |
|
74283 |
CVE-2004-0130 |
|
|
+Info |
2004-03-03 |
2017-07-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
login.php in phpGedView 2.65 and earlier allows remote attackers to obtain sensitive information via an HTTP request to login.php that does not contain the required username or password parameters, which causes the information to be leaked in an error message. |
|
74284 |
CVE-2004-0129 |
|
|
Dir. Trav. |
2004-03-03 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. |
|
74285 |
CVE-2004-0126 |
|
|
+Priv |
2004-03-29 |
2017-10-09 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail. |
|
74286 |
CVE-2004-0124 |
|
|
|
2004-06-01 |
2018-10-12 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability." |
|
74287 |
CVE-2004-0122 |
|
|
|
2004-04-15 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files. |
|
74288 |
CVE-2004-0120 |
|
|
DoS |
2004-06-01 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages. |
|
74289 |
CVE-2004-0116 |
|
|
DoS |
2004-06-01 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field. |
|
74290 |
CVE-2004-0115 |
|
|
Exec Code |
2004-03-03 |
2018-10-12 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file. |
|
74291 |
CVE-2004-0114 |
|
|
+Priv |
2004-03-03 |
2017-10-09 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges. |
|
74292 |
CVE-2004-0113 |
|
|
DoS |
2004-03-29 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server. |
|
74293 |
CVE-2004-0112 |
|
|
DoS |
2004-11-23 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. |
|
74294 |
CVE-2004-0111 |
|
|
DoS |
2004-04-15 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. |
|
74295 |
CVE-2004-0109 |
|
|
Exec Code Overflow |
2004-06-01 |
2017-10-10 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. |
|
74296 |
CVE-2004-0108 |
|
|
|
2004-04-15 |
2017-10-09 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107. |
|
74297 |
CVE-2004-0107 |
|
|
|
2004-04-15 |
2017-10-10 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108. |
|
74298 |
CVE-2004-0103 |
|
|
Overflow +Priv |
2004-03-03 |
2017-07-10 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow. |
|
74299 |
CVE-2004-0099 |
|
|
Bypass |
2004-03-03 |
2017-10-09 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions. |
|
74300 |
CVE-2004-0096 |
|
|
DoS |
2004-03-03 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973. |
