CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14901 CVE-2004-1147 Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.
14902 CVE-2004-1137 DoS Exec Code 2005-01-10 2018-05-02
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
14903 CVE-2004-1134 DoS Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
14904 CVE-2004-1129 Sql 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
14905 CVE-2004-1128 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename.
14906 CVE-2004-1127 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command.
14907 CVE-2004-1125 20 DoS Exec Code Overflow 2005-01-10 2018-10-03
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
14908 CVE-2004-1120 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
14909 CVE-2004-1119 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.
14910 CVE-2004-1118 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
14911 CVE-2004-1114 119 Exec Code Overflow 2005-01-10 2017-07-10
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
14912 CVE-2004-1113 Exec Code Sql 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
14913 CVE-2004-1099 Bypass 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username.
14914 CVE-2004-1097 DoS Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.
14915 CVE-2004-1095 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
14916 CVE-2004-1094 Exec Code Overflow 2005-01-10 2018-10-19
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne Player 1 and 2, (2) the Restore Backup function in CheckMark Software Payroll 2004/2005 3.9.6 and earlier, (3) CheckMark MultiLedger before 7.0.2, (4) dtSearch 6.x and 7.x, (5) mcupdmgr.exe and mghtml.exe in McAfee VirusScan 10 Build 10.0.21 and earlier, (6) IBM Lotus Notes before 6.5.5, and other products. NOTE: it is unclear whether this is the same vulnerability as CVE-2004-0575, although the data manipulations are the same.
14917 CVE-2004-1080 Exec Code 2005-01-10 2019-04-30
10.0
Admin Remote Low Not required Complete Complete Complete
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
14918 CVE-2004-1067 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
14919 CVE-2004-1065 Exec Code Overflow 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
14920 CVE-2004-1064 Bypass 2005-01-10 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
14921 CVE-2004-1063 Exec Code Bypass 2005-01-10 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
14922 CVE-2004-1053 Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.
14923 CVE-2004-1052 Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
14924 CVE-2004-1050 Exec Code Overflow 2004-12-31 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
14925 CVE-2004-1037 Exec Code 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
14926 CVE-2004-1034 DoS Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
14927 CVE-2004-1029 264 Exec Code 2005-03-01 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
14928 CVE-2004-1026 DoS Exec Code Overflow 2005-01-10 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
14929 CVE-2004-1025 DoS Exec Code Overflow 2005-01-10 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
14930 CVE-2004-1019 20 DoS Exec Code 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
14931 CVE-2004-1018 DoS Exec Code Overflow Bypass 2005-01-10 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
14932 CVE-2004-1017 Overflow 2004-12-31 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
14933 CVE-2004-1015 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
14934 CVE-2004-1013 Exec Code Mem. Corr. 2005-01-10 2016-12-07
10.0
Admin Remote Low Not required Complete Complete Complete
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
14935 CVE-2004-1012 Exec Code Mem. Corr. 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
14936 CVE-2004-1011 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
14937 CVE-2004-1010 Exec Code Overflow 2005-03-01 2018-10-03
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
14938 CVE-2004-1008 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.
14939 CVE-2004-1006 Exec Code 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
14940 CVE-2004-0994 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
14941 CVE-2004-0993 DoS Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
14942 CVE-2004-0992 Exec Code 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the -a option (daemon mode) in Proxytunnel before 1.2.3 allows remote attackers to execute arbitrary code via format string specifiers in an invalid proxy answer.
14943 CVE-2004-0990 DoS Exec Code Overflow 2005-03-01 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
14944 CVE-2004-0989 Exec Code Overflow 2005-03-01 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
14945 CVE-2004-0987 Exec Code Overflow 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.
14946 CVE-2004-0985 Exec Code 2004-12-31 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help.
14947 CVE-2004-0982 Exec Code Overflow 2005-02-09 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.
14948 CVE-2004-0981 Exec Code Overflow 2005-02-09 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
14949 CVE-2004-0980 Exec Code 2005-02-09 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
14950 CVE-2004-0978 Exec Code Overflow 2005-02-09 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.