CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14401 CVE-2004-1137 DoS Exec Code 2005-01-10 2018-05-02
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
14402 CVE-2004-1134 DoS Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
14403 CVE-2004-1129 Sql 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
14404 CVE-2004-1128 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename.
14405 CVE-2004-1127 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command.
14406 CVE-2004-1125 20 DoS Exec Code Overflow 2005-01-10 2018-10-03
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
14407 CVE-2004-1120 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
14408 CVE-2004-1119 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.
14409 CVE-2004-1118 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
14410 CVE-2004-1114 119 Exec Code Overflow 2005-01-10 2017-07-10
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
14411 CVE-2004-1113 Exec Code Sql 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
14412 CVE-2004-1099 Bypass 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username.
14413 CVE-2004-1097 DoS Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.
14414 CVE-2004-1095 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
14415 CVE-2004-1094 Exec Code Overflow 2005-01-10 2018-10-19
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne Player 1 and 2, (2) the Restore Backup function in CheckMark Software Payroll 2004/2005 3.9.6 and earlier, (3) CheckMark MultiLedger before 7.0.2, (4) dtSearch 6.x and 7.x, (5) mcupdmgr.exe and mghtml.exe in McAfee VirusScan 10 Build 10.0.21 and earlier, (6) IBM Lotus Notes before 6.5.5, and other products. NOTE: it is unclear whether this is the same vulnerability as CVE-2004-0575, although the data manipulations are the same.
14416 CVE-2004-1080 Exec Code 2005-01-10 2019-04-30
10.0
Admin Remote Low Not required Complete Complete Complete
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
14417 CVE-2004-1067 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
14418 CVE-2004-1065 Exec Code Overflow 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
14419 CVE-2004-1064 Bypass 2005-01-10 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
14420 CVE-2004-1063 Exec Code Bypass 2005-01-10 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
14421 CVE-2004-1053 Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.
14422 CVE-2004-1052 Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
14423 CVE-2004-1050 Exec Code Overflow 2004-12-31 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
14424 CVE-2004-1037 Exec Code 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
14425 CVE-2004-1034 DoS Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
14426 CVE-2004-1029 264 Exec Code 2005-03-01 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
14427 CVE-2004-1026 DoS Exec Code Overflow 2005-01-10 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
14428 CVE-2004-1025 DoS Exec Code Overflow 2005-01-10 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
14429 CVE-2004-1019 20 DoS Exec Code 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
14430 CVE-2004-1018 DoS Exec Code Overflow Bypass 2005-01-10 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
14431 CVE-2004-1017 Overflow 2004-12-31 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
14432 CVE-2004-1015 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
14433 CVE-2004-1013 Exec Code Mem. Corr. 2005-01-10 2016-12-07
10.0
Admin Remote Low Not required Complete Complete Complete
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
14434 CVE-2004-1012 Exec Code Mem. Corr. 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
14435 CVE-2004-1011 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
14436 CVE-2004-1010 Exec Code Overflow 2005-03-01 2018-10-03
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
14437 CVE-2004-1008 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.
14438 CVE-2004-1006 Exec Code 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
14439 CVE-2004-0994 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
14440 CVE-2004-0993 DoS Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
14441 CVE-2004-0992 Exec Code 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format string specifiers in an invalid proxy answer.
14442 CVE-2004-0990 DoS Exec Code Overflow 2005-03-01 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
14443 CVE-2004-0989 Exec Code Overflow 2005-03-01 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
14444 CVE-2004-0987 Exec Code Overflow 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.
14445 CVE-2004-0985 Exec Code 2004-12-31 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help.
14446 CVE-2004-0982 Exec Code Overflow 2005-02-09 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.
14447 CVE-2004-0981 Exec Code Overflow 2005-02-09 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
14448 CVE-2004-0980 Exec Code 2005-02-09 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
14449 CVE-2004-0978 Exec Code Overflow 2005-02-09 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.
14450 CVE-2004-0964 Exec Code Overflow 2005-02-09 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.