87 matches found
CVE-2004-1036
CVE-2004-1036 affects SquirrelMail prior to versions 1.4.3a and earlier, and 1.5.1-cvs before 23 Oct 2004. The vulnerability is a cross-site scripting (XSS) flaw in the decoding of encoded text in certain headers within mime.php, enabling remote attackers to run arbitrary web script or HTML in th...
CVE-2004-0930
CVE-2004-0930 affects Samba 3.0.4, 3.0.7 (and possibly other versions). The issue is in the ms_fnmatch function, allowing remote authenticated users to cause high CPU denial of service via a SAMBA request containing multiple asterisks (*) in the wildcard pattern. The provided documents confirm th...
CVE-2004-0975
The CVE-2004-0975 issue affects the der_chop script in OpenSSL implementations (notably Trustix Secure Linux 1.5–2.1 and other OSes). The vulnerability arises from insecure temporary file handling, enabling a local user to overwrite files via a symlink attack. Documented impact is local privilege...
CVE-2013-0348
CVE-2013-0348 affects thttpd/thttpd-derived sthttpd: versions prior to 2.26.4-r2 and 2.25b expose a world-readable /var/log/thttpd.log. The root cause is incorrect file permissions, permitting local users to read sensitive information from the log file. Implication: local information disclosure w...
CVE-2005-1267
The CVE-2005-1267 issue affects the BGP dissector in tcpdump (v3.x). The vuln arises when bgp_update_print fails to handle a -1 return from decode_prefix4, enabling a remote attacker to trigger a denial-of-service via an infinite loop by sending a crafted BGP packet. The impact is a DoS on affect...
CVE-2004-0889
CVE-2004-0889 involves multiple integer overflows in xpdf 3.0 and in code paths that reuse xpdf (e.g., in CUPS) that can be exploited remotely to crash the service (DoS) and potentially execute arbitrary code. The description confirms a remote impact and the possibility of code execution, tied to...
CVE-2005-0206
Technical details about CVE-2005-0206 are not provided in the connected documents. Available sources reference related issues (CVE-2004-0888) and patch notes without explicit impact, affected products, or fixes for this CVE.
CVE-2005-3624
CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...
CVE-2004-0981
CVE-2004-0981 affects ImageMagick and concerns a buffer overflow in the TIFF/EXIF parsing routine that can lead to remote code execution via a crafted image file. The initial record states the vulnerability exists in ImageMagick before 6.1.0, with a network-based attack vector and critical impact...
CVE-2005-3625
CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...
CVE-2004-0914
Concrete details: CVE-2004-0914 concerns multiple vulnerabilities in libXpm (as used by XFree86/X.Org) including integer overflows, out-of-bounds reads, directory traversal, shell metacharacter issues, endless loops, and memory leaks in parsing XPM images. If exploited via a crafted XPM file, rem...
CVE-2005-3626
CVE-2005-3626 affects Xpdf and related components (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The vulnerability arises from a crafted FlateDecode stream that triggers a null dereference, leading to a denial of service (crash). The connected Nessus entry (NEWSTART_CGSL_NS-SA...
CVE-2004-0888
CVE-2004-0888 : Multiple integer overflows in xpdf (v2.0/v3.0) and in code that uses xpdf (e.g., CUPS, gpdf, kdegraphics) allow remote attackers to crash services and possibly execute arbitrary code. Some reports note 64-bit builds can exacerbate the overflow (pdftops/filter path). Remediation is...
CVE-2004-0996
CVE-2004-0996 affects cscope 15-4 and 15-5 where main.c creates temporary files with predictable names, enabling local symlink attacks to overwrite arbitrary files. The issue is a local-security vulnerability arising from insecure temporary file creation. Publicly documented fixes show upgrades t...
CVE-2004-0497
CVE-2004-0497 describes a local privilege escalation in the Linux kernel 2.x family (notably 2.4/2.6-rc3) due to missing DAC controls in sys_chown, enabling a local user to modify the group ownership of files (including NFS-exported files) they do not own. The underlying issue allows changing fil...
CVE-2004-1026
CVE-2004-1026 involves multiple integer overflows in the image handler of the imlib library (versions up to 1.9.14 and earlier) that is used by gkrellm and several window managers. The issue, documented across OpenVAS and Gentoo GLSA entries, is rooted in the image processing code and can be trig...
CVE-2004-1106
CVE-2004-1106 affects Gallery up to version 1.4.4-pl3, with the vulnerability located in index.php include handling. The issue is a cross-site scripting (XSS) flaw that lets remote attackers provide specially formed URLs to inject arbitrary web script or HTML, via the include parameter, potential...
CVE-2005-0077
CVE-2005-0077 affects the perl-DBI (libdbi-perl) library. The issue is insecure handling of temporary files via a symlink attack on a temporary PID file, enabling local users to overwrite arbitrary files. Multiple connected advisories reference updates or patches addressing this vulnerability (e....
CVE-2004-0496
The CVE-2004-0496 entry refers to multiple local vulnerabilities in the Linux kernel 2.6, distinct from CVE-2004-0495, discovered via Sparse. Connected sources (Gentoo GLSA advisories GLSA-200407-02 and GLSA-200407-16, OpenVAS NASLs, and NVD/NVD-style listings) corroborate that CAN-2004-0496 conc...
CVE-2005-0988
CVE-2005-0988 describes a race condition in gzip prior to 1.3.5 that affects permission handling during decompression. Specifically, when decompressing a file, a local attacker could exploit a hard-link or timing issue to change the permissions of an arbitrary file (or overwrite it) in the target...
CVE-2004-0990
CVE-2004-0990 describes an integer overflow in the GD Graphics Library (libgd) 2.0.28 (and possibly earlier/other versions) that can be triggered by PNG image files with large image row values. This leads to a heap-based buffer overflow in gdImageCreateFromPngCtx, enabling remote denial of servic...
CVE-2004-0565
CVE-2004-0565 affects Linux 2.4.x kernel code where the MFH bit is checked without verifying the FPH owner in the context switch path. This enables local attackers to read register values of other processes, exposing partial confidentiality. The vulnerability description explicitly states the iss...
CVE-2004-0891
GAIM is affected by CVE-2004-0891: a buffer overflow in the MSN protocol handler (MSNSLP) for gaim versions 0.79 through 1.0.1, caused by an unbounded copy that writes to the wrong buffer during processing of an unexpected MSNSLP sequence. This can cause remote denial of service (crash) and poten...
CVE-2004-1025
CVE-2004-1025 concerns multiple heap-based buffer overflows in imlib 1.9.14 and earlier, a library used by gkrellm and several window managers. The vulnerability allows remote attackers to crash the application and, per the description, to execute arbitrary code via crafted image files, effective...
CVE-2004-0918
CVE-2004-0918: Squid’s SNMP parser (asn_parse_header in asn1.c) before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) by sending SNMP packets with negative length fields that trigger a memory allocation error. The issue yields a partial availability impact and i...
CVE-2004-1304
CVE-2004-1304 affects the file utility; a stack-based buffer overflow in the ELF header parsing code (in file before 4.12) could allow arbitrary code execution when processing a crafted ELF file. Impact: arbitrary code execution with full privileges as described in the vulnerability entry. Remedi...
CVE-2004-0983
Ruby CGI module vulnerability CVE-2004-0983 allows remote denial of service via a crafted HTTP request. Affected are Ruby 1.6 up to 1.6.7 and Ruby 1.8 up to 1.8.1 (i.e., versions before 1.6.8 and before 1.8.2). The issue is described as causing an infinite loop and CPU consumption. Remediation is...
CVE-2004-1052
CVE-2004-1052: A buffer overflow in the getnickuserhost function of BNC (notably version 2.8.9 and possibly older/newer variants) can be triggered by an IRC server response containing a sequence of many ! or @ characters, allowing remote code execution. Public sources (NVD entry and security advi...
CVE-2004-0935
CVE-2004-0935 affects Eset Anti-Virus prior to 1.020. A ZIP archive with both local and global headers set to zero could bypass antivirus protection and allow a malicious file to be opened on the target system. PoC/proofs of concept code and advisories (e.g., iDEFENSE CAN references) document det...
CVE-2004-0972
CVE-2004-0972 concerns the lvmcreate_initrd helper in the Trustix/ lvm package (lvm1) where a temporary-directory creation flaw enables a local attacker to perform a symlink-based overwrite of arbitrary files. The described root cause is insecure handling of temporary files by the script, allowin...
CVE-2004-1029
The vulnerability CVE-2004-1029 affects Sun Java Plug-in in JRE 1.4.2_01, 1.4.2_04, and possibly earlier versions, where data transfer between JavaScript and Java applets fails to restrict access. The root cause is improper isolation that allows a remote attacker to use reflection to access priva...
CVE-2013-2031
CVE-2013-2031 affects MediaWiki up to 1.19.6/1.20.x before 1.20.5 and is an XSS through a CDATA SVG UTF-7 sequence misinterpreted as UTF-8. Affected component: MediaWiki core (SVG handling and related sanitization). Impact: cross-site scripting possible in affected installations. Evidence/ground:...
CVE-2004-0947
CVE-2004-0947 is confirmed across connected docs as a vulnerability in the unarj utility. The issue is a buffer overflow when handling long filenames in arj archives, enabling remote code execution. Related advisories additionally describe a directory-traversal weakness in the -x extract option t...
CVE-2005-2557
CVE-2005-2557 is a cross-site scripting (XSS) flaw in MantisBT (0.19.0a1 through 1.0.0a3) exploitable via the dir parameter to view_all_set.php (bug#0005959). The available documents confirm the vulnerability class and affected range; no explicit remediation or exploitation details are provided b...
CVE-2004-1037
CVE-2004-1037 affects TWiki prior to fix where the search function accepts a user-supplied search string. The vulnerability allows remote attackers to execute arbitrary OS commands by injecting shell metacharacters in the search parameter to the WebSearch script, potentially compromising the TWik...
CVE-2004-1161
The CVE-2004-1161 entry concerns rssh 2.2.2 and earlier, where the program restricting logic fails to properly limit which programs can be run. This could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp...
CVE-2004-1307
CVE-2004-1307 describes a heap-based buffer overflow in libtiff 3.6.1 triggered by a TIFF file using the STRIPOFFSETS flag with many strips, due to an overflow in TIFFFetchStripThing in tif_dirread.c. The vulnerability could allow remote code execution as a result of processing crafted TIFF files...
CVE-2004-0980
The CVE-2004-0980 entry concerns a format string vulnerability in ez-ipupdate.c affecting ez-ipupdate 3.0.10 through 3.0.11b8. When running in daemon mode with certain service types, a remote attacker could cause arbitrary code execution. The provided documents consistently reference vulnerable v...
CVE-2004-1176
CVE-2004-1176 : A buffer underflow in extfs.c of Midnight Commander (mc) prior to 4.5.56 allows remote attackers to cause a denial of service and possibly execute arbitrary code. Documents consistently describe the issue as a remote vulnerability affecting mc with the buffer underflow in the extf...
CVE-2004-1110
The CVE concerns mtink status monitor for Epson printers; versions prior to 1.0.5 allow local users to overwrite arbitrary files via a symlink attack on the Epson temporary file. Root cause: insecure temporary file handling. Impact: local integrity impact. Mitigation: upgrade to 1.0.5 or later.
CVE-2004-0936
CVE-2004-0936 refers to a ZIP header manipulation vulnerability affecting anti-virus engines (notably RAV) where both local and global ZIP headers can be set to zero, allowing a compressed file to bypass protection and still be opened. The connected sources describe a proof-of-concept and public ...
CVE-2004-1004
CVE-2004-1004 affects Midnight Commander (mc) up to version 4.5.55 with multiple format string vulnerabilities. The provided connected advisories confirm that various distros release patches (e.g., SUSE SLES9 patch 5011441, Gentoo GLSA 200502-24, Debian DSA 639-1) to fix these issues. The CVE ent...
CVE-2004-1005
CVE-2004-1005 refers to multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier. The initial description notes remote attackers could trigger these issues with unknown impact, and connected advisories (e.g., Debian DSA 639-1, Gentoo GLSA 200502-24, SuSE OpenVAS entries) indicate t...
CVE-2004-1108
CVE-2004-1108 affects Gentoo: Gentoo Portage (dispatch-conf) and Gentoolkit’s qpkg query tool, with the vulnerable component being temporary file handling. Gentoolkit 0.2.0_pre10 and earlier uses predictable names in the temporary directory, enabling a local attacker to create a symlink to a targ...
CVE-2005-0754
CVE-2005-0754 affects KDE’s Kommander: KDE 3.2–3.4.0 allows remote attackers to cause arbitrary code execution by Kommander executing data files without user confirmation. The root cause is untrusted data/file handling by Kommander, enabling remote code execution if a user opens a malicious file....
CVE-2004-0634
The CVE-2004-0634 issue affects Ethereal (the SMB dissector) with the SMB SID snooping capability, in versions 0.9.15 through 0.10.4. The root cause is a null dereference triggered by a handle without a policy name in SMB processing, allowing a remote attacker to cause a denial of service (proces...
CVE-2004-0635
CVE-2004-0635 affects Ethereal 0.8.15–0.10.4, where the SNMP dissector is vulnerable. A remote attacker can trigger a denial of service (process crash) via a malformed or missing community string, causing an out-of-bounds read. The description explicitly ties the issue to the SNMP dissector, the ...
CVE-2005-1121
CVE-2005-1121 affects Oops! Proxy Server up to version 1.5.23. A format string vulnerability in the my_xlog function (lib.c), triggered via the passwd_mysql and passwd_pgsql authentication modules, may allow an attacker to execute arbitrary code remotely by crafting a URL. The CVSS v2 base score ...
CVE-2004-1174
The CVE-2004-1174 vulnerability affects Midnight Commander (mc) up to and including version 4.5.55, in which direntry.c contains the flaw that allows a denial of service via manipulating non-existing file handles. The description clearly states this is a denial of service condition caused by the ...
CVE-2008-1078
CVE-2008-1078 affects the expn component of am-utils (and related net-fs usage) on Gentoo, rPath Linux, and other distros. The issue is an insecure temporary-file handling in expn that allows a local user to perform a symlink attack on expn[PID], enabling overwriting of arbitrary files. This vuln...