CVE-2004-0157

x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program...

CVE-2004-0109

Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry...

CVE-2004-1946

Format string vulnerability in the PRINTERROR function in common.c for Cherokee Web Server 0.4.16 and earlier allows local users to execute arbitrary code via format string specifiers in the -C command line argument. NOTE: it is not clear whether this issue could be exploited remotely, or if...

CVE-2003-0648

Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code...

CVE-2004-0160

Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file...

CVE-2004-0188

Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password...

CVE-2004-0172

Heap-based buffer overflow in the searchforcommand function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be...

CVE-2004-0172

Heap-based buffer overflow in the searchforcommand function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be...

Microsoft Internet Explorer - URL Injection in History List (MS04-004)

// Andreas Sandblad, 2004-02-03, patched by MS04-004 // Name: payload // Purpose: Run payload code called from Local Machine zone. // The code may be arbitrary such as executing shell commands. // This demo simply creates a harmless textfile on the desktop. function payload file = "sandblad.txt";...

CVE-2004-2133

Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories suc...

CVE-2004-2131

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server IDS 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable...

security flaw

Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code...

CVE-2003-1461

Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability CVE-2002-1473...

CVE-2003-1374

Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the 1 -r or 2-c options...

CVE-2003-0972

Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...

CVE-2003-0947

The CVE-2003-0947 entry concerns the wireless config tool iwconfig . A vulnerability exists where, if iwconfig is installed with setuid , a buffer overflow can occur via a long OUT environment variable, allowing local arbitrary code execution . The NVD metrics describe a HIGH base score with a LO...

DEBIAN-CVE-2003-0853

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd...

CVE-2003-1140

Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file...

CVE-2003-0771

Gallery.pm in Apache::Gallery aka A::G uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does...

CVE-2003-0671

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow...