Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2004-09-28 | Updated: 2008-09-05
ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.
Max CVSS: 5.0 | EPSS Score: 0.52% | Published: 2004-09-28 | Updated: 2017-07-11
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.
Max CVSS: 7.5 | EPSS Score: 0.69% | Published: 2004-09-28 | Updated: 2016-10-18
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy.
Max CVSS: 7.5 | EPSS Score: 0.41% | Published: 2004-09-28 | Updated: 2016-10-18
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy.
Max CVSS: 7.5 | EPSS Score: 0.41% | Published: 2004-09-28 | Updated: 2016-10-18
Sygate Enforcer 4.0 and earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999.
Max CVSS: 5.0 | EPSS Score: 0.93% | Published: 2004-09-28 | Updated: 2017-07-11
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
Max CVSS: 4.6 | EPSS Score: 0.04% | Published: 2004-09-28 | Updated: 2017-07-11
Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2004-09-28 | Updated: 2017-07-11
Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2004-09-28 | Updated: 2017-07-11
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.
Max CVSS: 7.2 | EPSS Score: 0.08% | Published: 2004-09-28 | Updated: 2017-07-11
Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session and repeatedly replaying the session.
Max CVSS: 5.0 | EPSS Score: 0.93% | Published: 2004-09-28 | Updated: 2017-07-11
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
Max CVSS: 9.3 | EPSS Score: 95.70% | Published: 2004-09-28 | Updated: 2018-10-30
Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.
Max CVSS: 7.5 | EPSS Score: 2.58% | Published: 2004-09-28 | Updated: 2017-07-11
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Max CVSS: 4.6 | EPSS Score: 0.06% | Published: 2004-09-28 | Updated: 2019-12-17
mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.
Max CVSS: 7.5 | EPSS Score: 0.26% | Published: 2004-09-28 | Updated: 2024-01-09
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
Max CVSS: 7.5 | EPSS Score: 7.83% | Published: 2004-09-28 | Updated: 2017-10-11
Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
Max CVSS: 4.3 | EPSS Score: 0.44% | Published: 2004-09-17 | Updated: 2017-07-11
The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.
Max CVSS: 5.0 | EPSS Score: 3.72% | Published: 2004-09-28 | Updated: 2018-03-13
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
Max CVSS: 7.5 | EPSS Score: 93.37% | Published: 2004-09-28 | Updated: 2018-10-30
Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules.
Max CVSS: 7.5 | EPSS Score: 0.63% | Published: 2004-09-28 | Updated: 2017-07-11
Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.
Max CVSS: 7.5 | EPSS Score: 4.49% | Published: 2004-09-28 | Updated: 2017-07-11
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Max CVSS: 6.5 | EPSS Score: 96.52% | Published: 2004-09-02 | Updated: 2008-09-10
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
Max CVSS: 7.5 | EPSS Score: 21.40% | Published: 2004-09-28 | Updated: 2024-02-02
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
Max CVSS: 4.6 | EPSS Score: 0.05% | Published: 2004-09-28 | Updated: 2021-02-02
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
Max CVSS: 5.0 | EPSS Score: 14.16% | Published: 2004-09-28 | Updated: 2020-01-21
90 vulnerabilities found