Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.
Max CVSS
10.0
EPSS Score
8.18%
Published
2004-10-26
Updated
2017-07-11
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
Max CVSS
9.8
EPSS Score
19.35%
Published
2004-10-20
Updated
2024-02-02
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code.
Max CVSS
9.0
EPSS Score
0.56%
Published
2004-10-23
Updated
2020-12-08
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
Max CVSS
7.8
EPSS Score
0.05%
Published
2004-10-20
Updated
2024-02-02
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.
Max CVSS
7.5
EPSS Score
0.80%
Published
2004-10-20
Updated
2017-07-11
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
Max CVSS
7.5
EPSS Score
34.77%
Published
2004-10-20
Updated
2023-01-20
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
Max CVSS
7.5
EPSS Score
29.18%
Published
2004-10-20
Updated
2018-10-19
Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
Max CVSS
7.5
EPSS Score
2.19%
Published
2004-10-20
Updated
2017-10-11
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.
Max CVSS
7.5
EPSS Score
0.48%
Published
2004-10-20
Updated
2018-10-19
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
Max CVSS
7.5
EPSS Score
7.50%
Published
2004-10-20
Updated
2017-10-11
libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
Max CVSS
7.5
EPSS Score
4.84%
Published
2004-10-20
Updated
2017-07-11
Buffer overflow in WIDCOMM Bluetooth Connectivity Software, as used in products such as BTStackServer 1.3.2.7 and 1.4.2.10, Windows XP and Windows 98 with MSI Bluetooth Dongles, and HP IPAQ 5450 running WinCE 3.0, allows remote attackers to execute arbitrary code via certain service requests.
Max CVSS
7.5
EPSS Score
9.77%
Published
2004-10-20
Updated
2018-10-19
Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
8.29%
Published
2004-10-20
Updated
2017-07-11
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
Max CVSS
7.5
EPSS Score
30.47%
Published
2004-10-20
Updated
2023-08-11
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).
Max CVSS
7.5
EPSS Score
30.47%
Published
2004-10-20
Updated
2023-08-11
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
Max CVSS
7.5
EPSS Score
1.05%
Published
2004-10-20
Updated
2017-10-11
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
Max CVSS
7.5
EPSS Score
6.51%
Published
2004-10-20
Updated
2017-10-11

CVE-2004-0798

Public exploit
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
Max CVSS
7.5
EPSS Score
93.13%
Published
2004-10-20
Updated
2017-10-05
101 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!