CVEdetails.com the ultimate security vulnerability data source
Security Vulnerabilities Published In January 2005

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2004-1125 20 DoS Exec Code Overflow 2005-01-10 2018-10-03
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.
202 CVE-2004-1123 DoS 2005-01-10 2017-07-11
5.0
None Remote Low Not required None None Partial
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.
203 CVE-2004-1122 2005-01-10 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314.
204 CVE-2004-1120 Exec Code Overflow 2005-01-10 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
205 CVE-2004-1119 Exec Code Overflow 2005-01-10 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.
206 CVE-2004-1118 Exec Code Overflow 2005-01-10 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
207 CVE-2004-1117 +Priv 2005-01-10 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
208 CVE-2004-1116 +Priv 2005-01-10 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
209 CVE-2004-1115 +Priv 2005-01-10 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
210 CVE-2004-1114 119 Exec Code Overflow 2005-01-10 2017-07-11
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
211 CVE-2004-1113 Exec Code Sql 2005-01-10 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
212 CVE-2004-1112 Overflow Bypass 2005-01-10 2017-07-11
5.1
None Remote High Not required Partial Partial Partial
The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.
213 CVE-2004-1111 DoS 2005-01-10 2017-10-11
5.0
None Remote Low Not required None None Partial
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.
214 CVE-2004-1110 2005-01-10 2017-07-11
2.1
None Local Low Not required None Partial None
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file.
215 CVE-2004-1109 DoS 2005-01-10 2017-07-11
5.0
None Remote Low Not required None None Partial
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
216 CVE-2004-1108 2005-01-10 2017-07-11
2.1
None Local Low Not required None Partial None
qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.
217 CVE-2004-1107 2005-01-10 2017-07-11
2.1
None Local Low Not required None Partial None
dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
218 CVE-2004-1106 XSS 2005-01-10 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
219 CVE-2004-1105 2005-01-10 2017-07-11
5.0
None Remote Low Not required Partial None None
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.
220 CVE-2004-1103 2005-01-10 2017-07-11
5.0
None Remote Low Not required Partial None None
MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to gain sensitive information via the debug parameter, which reveals information such as the path to the web root and the web server version.
221 CVE-2004-1102 2005-01-10 2017-07-11
5.0
None Remote Low Not required Partial None None
MailPost 5.1.1sv, and possibly earlier versions, displays a different error message depending on whether the requested file exists or not, which allows remote attackers to gain sensitive information.
222 CVE-2004-1101 DoS XSS +Info 2005-01-10 2017-07-11
5.8
None Remote Medium Not required Partial None Partial
mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute a cross-site scripting (XSS) attack via an HTTP request that contains a / (backslash) and arbitrary webscript before the requested file, which leaks the pathname and does not quote the script in the resulting Visual Basic error message.
223 CVE-2004-1100 XSS 2005-01-10 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter.
224 CVE-2004-1099 Bypass 2005-01-10 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username.
225 CVE-2004-1098 Bypass 2005-01-10 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.
226 CVE-2004-1097 DoS Exec Code 2005-01-10 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and earlier, when authenticating via auth_pam, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in the URL.
227 CVE-2004-1096 Bypass 2005-01-10 2021-04-09
7.5
None Remote Low Not required Partial Partial Partial
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
228 CVE-2004-1095 Exec Code Overflow 2005-01-10 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c, (7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
229 CVE-2004-1094 Exec Code Overflow 2005-01-10 2018-10-19
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne Player 1 and 2, (2) the Restore Backup function in CheckMark Software Payroll 2004/2005 3.9.6 and earlier, (3) CheckMark MultiLedger before 7.0.2, (4) dtSearch 6.x and 7.x, (5) mcupdmgr.exe and mghtml.exe in McAfee VirusScan 10 Build 10.0.21 and earlier, (6) IBM Lotus Notes before 6.5.5, and other products. NOTE: it is unclear whether this is the same vulnerability as CVE-2004-0575, although the data manipulations are the same.
230 CVE-2004-1080 Exec Code 2005-01-10 2019-04-30
10.0
None Remote Low Not required Complete Complete Complete
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
231 CVE-2004-1079 Overflow +Priv 2005-01-10 2018-10-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs 2.2.4, and possibly other versions, may allow local users to gain privileges via a long -T option.
232 CVE-2004-1076 Exec Code Overflow 2005-01-10 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
233 CVE-2004-1075 XSS 2005-01-10 2017-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which is not properly cleansed when generating an error message.
234 CVE-2004-1074 DoS 2005-01-10 2017-10-11
2.1
None Local Low Not required None None Partial
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
235 CVE-2004-1073 2005-01-10 2017-10-11
2.1
None Local Low Not required Partial None None
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
236 CVE-2004-1072 DoS Exec Code Overflow 2005-01-10 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
237 CVE-2004-1071 Exec Code 2005-01-10 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
238 CVE-2004-1070 Exec Code 2005-01-10 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
239 CVE-2004-1069 DoS 2005-01-10 2017-07-11
1.2
None Local High Not required None None Partial
Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.
240 CVE-2004-1068 +Priv 2005-01-10 2017-10-11
6.2
None Local High Not required Complete Complete Complete
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.
241 CVE-2004-1067 Exec Code Overflow 2005-01-10 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
242 CVE-2004-1066 DoS 2005-01-10 2017-07-11
3.6
None Local Low Not required Partial None Partial
The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.
243 CVE-2004-1065 Exec Code Overflow 2005-01-10 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
244 CVE-2004-1064 Bypass 2005-01-10 2020-12-08
10.0
None Remote Low Not required Complete Complete Complete
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
245 CVE-2004-1063 Exec Code Bypass 2005-01-10 2020-12-08
10.0
None Remote Low Not required Complete Complete Complete
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
246 CVE-2004-1061 XSS 2005-01-04 2017-07-11
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter.
247 CVE-2004-1058 2005-01-10 2018-10-03
1.2
None Local High Not required Partial None None
Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.
248 CVE-2004-1057 DoS 2005-01-21 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages.
249 CVE-2004-1056 DoS 2005-01-10 2017-10-11
6.4
None Remote Low Not required None Partial Partial
Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.
250 CVE-2004-1054 +Priv 2005-01-10 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
Total number of vulnerabilities: 320 (this is page 5 of 7)