| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
3801 |
CVE-2004-0423 |
|
|
|
2004-07-07 |
2016-10-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file. |
|
3802 |
CVE-2004-0422 |
|
|
|
2004-07-07 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. |
|
3803 |
CVE-2004-0415 |
|
|
|
2004-11-23 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. |
|
3804 |
CVE-2004-0407 |
|
|
DoS |
2004-06-01 |
2017-07-10 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish. |
|
3805 |
CVE-2004-0394 |
|
|
Overflow |
2004-08-18 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. |
|
3806 |
CVE-2004-0388 |
|
|
|
2004-06-01 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. |
|
3807 |
CVE-2004-0381 |
|
|
|
2004-05-04 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. |
|
3808 |
CVE-2004-0372 |
|
|
|
2004-04-15 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts. |
|
3809 |
CVE-2004-0370 |
|
|
|
2004-05-04 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The setsockopt call in the KAME Project IPv6 implementation, as used in FreeBSD 5.2, does not properly handle certain IPv6 socket options, which could allow attackers to read kernel memory and cause a system panic. |
|
3810 |
CVE-2004-0351 |
|
|
|
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data. |
|
3811 |
CVE-2004-0350 |
|
|
|
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
SpiderSales shopping cart does not enforce a minimum length for the private key, which can make it easier for local users to obtain the private key by factoring. |
|
3812 |
CVE-2004-0342 |
|
|
DoS |
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one error. |
|
3813 |
CVE-2004-0341 |
|
|
DoS |
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a denial of service (CPU consumption) by continuing to send a long command that does not contain a newline. |
|
3814 |
CVE-2004-0325 |
|
|
DoS |
2004-12-31 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via "//../" arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstrated using "//../qwerty". |
|
3815 |
CVE-2004-0320 |
|
|
|
2004-11-23 |
2017-10-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows local users to access secrets stored in the module's run-time memory via certain sequences of commands. |
|
3816 |
CVE-2004-0299 |
|
|
DoS Overflow |
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash) characters. |
|
3817 |
CVE-2004-0289 |
|
|
DoS Overflow |
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to cause a denial of service (segmentation fault) via a database file that contains a large key parameter. |
|
3818 |
CVE-2004-0283 |
|
|
|
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Mailmgr 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/mailmgr.unsort, (2) /tmp/mailmgr.tmp, or (3) /tmp/mailmgr.sort. |
|
3819 |
CVE-2004-0267 |
|
|
|
2004-11-23 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp. |
|
3820 |
CVE-2004-0256 |
|
|
|
2004-11-23 |
2018-05-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. |
|
3821 |
CVE-2004-0233 |
|
|
Dir. Trav. |
2004-08-18 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files. |
|
3822 |
CVE-2004-0231 |
|
|
|
2004-08-18 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." |
|
3823 |
CVE-2004-0211 |
|
|
DoS |
2004-11-03 |
2018-10-12 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program. |
|
3824 |
CVE-2004-0207 |
|
|
+Priv |
2004-11-03 |
2018-10-12 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
"Shatter" style vulnerability in the Window Management application programming interface (API) for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to gain privileges by using certain API functions to change properties of privileged programs using the SetWindowLong and SetWIndowLongPtr API functions. |
|
3825 |
CVE-2004-0181 |
|
|
+Info |
2004-06-01 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. |
|
3826 |
CVE-2004-0180 |
|
|
|
2004-06-01 |
2018-05-02 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405. |
|
3827 |
CVE-2004-0178 |
|
|
DoS |
2004-06-01 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. |
|
3828 |
CVE-2004-0137 |
|
|
DoS |
2004-08-06 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues." |
|
3829 |
CVE-2004-0136 |
|
|
DoS |
2004-08-06 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary." |
|
3830 |
CVE-2004-0133 |
|
|
+Info |
2004-06-01 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device. |
|
3831 |
CVE-2004-0124 |
|
|
|
2004-06-01 |
2018-10-12 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause network communications via an "alter context" call that contains additional data, aka the "Object Identity Vulnerability." |
|
3832 |
CVE-2004-0088 |
|
|
|
2004-03-03 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087. |
|
3833 |
CVE-2004-0087 |
|
|
|
2004-03-03 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network settings, a different vulnerability than CVE-2004-0088. |
|
3834 |
CVE-2004-0075 |
|
|
DoS |
2004-03-15 |
2017-10-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service. |
|
3835 |
CVE-2004-0064 |
|
|
|
2004-02-17 |
2016-10-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory. |
|
3836 |
CVE-2004-0058 |
|
|
|
2004-02-17 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pid_antivir_$$ temporary file. |
|
3837 |
CVE-2003-1582 |
79 |
|
XSS |
2010-02-05 |
2010-02-08 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue. |
|
3838 |
CVE-2003-1581 |
79 |
|
XSS |
2010-02-05 |
2010-02-08 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue. |
|
3839 |
CVE-2003-1577 |
79 |
|
XSS |
2010-02-05 |
2017-08-16 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files, and conduct cross-site scripting (XSS) attacks involving the iPlanet Log Analyzer, via an HTTP request in conjunction with a crafted DNS response, related to an "Inverse Lookup Log Corruption (ILLC)" issue, a different vulnerability than CVE-2002-1315 and CVE-2002-1316. |
|
3840 |
CVE-2003-1476 |
|
|
|
2003-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access. |
|
3841 |
CVE-2003-1437 |
|
|
|
2003-12-31 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. |
|
3842 |
CVE-2003-1306 |
|
|
+Info |
2003-12-31 |
2008-09-05 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response. |
|
3843 |
CVE-2003-1295 |
|
|
|
2003-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." |
|
3844 |
CVE-2003-1294 |
|
|
|
2003-12-31 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. |
|
3845 |
CVE-2003-1289 |
|
|
|
2003-12-31 |
2017-07-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. |
|
3846 |
CVE-2003-1281 |
|
|
|
2003-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. |
|
3847 |
CVE-2003-1273 |
|
|
DoS |
2003-12-31 |
2017-07-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters. |
|
3848 |
CVE-2003-1265 |
|
|
|
2003-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. |
|
3849 |
CVE-2003-1261 |
|
|
DoS Overflow |
2003-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. |
|
3850 |
CVE-2003-1246 |
|
|
|
2003-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. |
