CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 8 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
15651 CVE-2004-1254 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.
15652 CVE-2004-1236 Exec Code Overflow 2004-12-31 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.
15653 CVE-2004-1232 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename.
15654 CVE-2004-1227 Exec Code Dir. Trav. 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4) the theme parameter to Login.php, and possibly other parameters or scripts.
15655 CVE-2004-1225 Exec Code +Priv Sql 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.
15656 CVE-2004-1222 Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
weblibs.pl in WebLibs 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the TextFile parameter.
15657 CVE-2004-1214 Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text.
15658 CVE-2004-1211 119 DoS Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
15659 CVE-2004-1208 DoS Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request.
15660 CVE-2004-1192 Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server.
15661 CVE-2004-1188 Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.
15662 CVE-2004-1187 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
15663 CVE-2004-1172 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.
15664 CVE-2004-1170 Exec Code 2005-01-10 2018-10-19
10.0
Admin Remote Low Not required Complete Complete Complete
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
15665 CVE-2004-1168 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header.
15666 CVE-2004-1154 DoS Exec Code Overflow 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
15667 CVE-2004-1153 DoS Exec Code 2005-01-10 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.
15668 CVE-2004-1152 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment.
15669 CVE-2004-1147 Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.
15670 CVE-2004-1137 DoS Exec Code 2005-01-10 2018-05-02
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
15671 CVE-2004-1134 DoS Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
15672 CVE-2004-1129 Sql 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
15673 CVE-2004-1128 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename.
15674 CVE-2004-1127 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command.
15675 CVE-2004-1125 20 DoS Exec Code Overflow 2005-01-10 2018-10-03
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
15676 CVE-2004-1120 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
15677 CVE-2004-1119 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.
15678 CVE-2004-1118 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
15679 CVE-2004-1114 119 Exec Code Overflow 2005-01-10 2017-07-10
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
15680 CVE-2004-1113 Exec Code Sql 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
15681 CVE-2004-1099 Bypass 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username.
15682 CVE-2004-1097 DoS Exec Code 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.
15683 CVE-2004-1095 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
15684 CVE-2004-1094 Exec Code Overflow 2005-01-10 2018-10-19
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne Player 1 and 2, (2) the Restore Backup function in CheckMark Software Payroll 2004/2005 3.9.6 and earlier, (3) CheckMark MultiLedger before 7.0.2, (4) dtSearch 6.x and 7.x, (5) mcupdmgr.exe and mghtml.exe in McAfee VirusScan 10 Build 10.0.21 and earlier, (6) IBM Lotus Notes before 6.5.5, and other products. NOTE: it is unclear whether this is the same vulnerability as CVE-2004-0575, although the data manipulations are the same.
15685 CVE-2004-1080 Exec Code 2005-01-10 2019-04-30
10.0
Admin Remote Low Not required Complete Complete Complete
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
15686 CVE-2004-1067 Exec Code Overflow 2005-01-10 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
15687 CVE-2004-1065 Exec Code Overflow 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
15688 CVE-2004-1064 Bypass 2005-01-10 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
15689 CVE-2004-1063 Exec Code Bypass 2005-01-10 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
15690 CVE-2004-1053 Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.
15691 CVE-2004-1052 Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
15692 CVE-2004-1050 Exec Code Overflow 2004-12-31 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
15693 CVE-2004-1037 Exec Code 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
15694 CVE-2004-1034 DoS Exec Code Overflow 2005-03-01 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
15695 CVE-2004-1029 264 Exec Code 2005-03-01 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
15696 CVE-2004-1026 DoS Exec Code Overflow 2005-01-10 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
15697 CVE-2004-1025 DoS Exec Code Overflow 2005-01-10 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
15698 CVE-2004-1019 20 DoS Exec Code 2005-01-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
15699 CVE-2004-1018 DoS Exec Code Overflow Bypass 2005-01-10 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
15700 CVE-2004-1017 Overflow 2004-12-31 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.