Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument.
Max CVSS
7.5
EPSS Score
5.92%
Published
2004-12-23
Updated
2017-07-11
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
Max CVSS
7.5
EPSS Score
39.30%
Published
2004-06-14
Updated
2017-07-11
Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-09-28
Updated
2008-09-05
Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.
Max CVSS
7.5
EPSS Score
4.93%
Published
2004-03-29
Updated
2017-07-11

CVE-2003-0533

Public exploit
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Max CVSS
7.5
EPSS Score
97.21%
Published
2004-06-01
Updated
2018-10-12
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.23%
Published
2004-05-04
Updated
2017-07-11

CVE-2003-0719

Public exploit
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Max CVSS
7.5
EPSS Score
95.57%
Published
2004-06-01
Updated
2018-10-12
Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.32%
Published
2004-05-04
Updated
2017-07-11
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
50.83%
Published
2004-06-01
Updated
2018-10-12

CVE-2003-0818

Public exploit
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
Max CVSS
7.5
EPSS Score
97.36%
Published
2004-03-03
Updated
2019-04-30
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
Max CVSS
10.0
EPSS Score
31.19%
Published
2004-02-17
Updated
2018-10-12
The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS
9.3
EPSS Score
96.67%
Published
2004-03-03
Updated
2019-04-30
Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.
Max CVSS
10.0
EPSS Score
42.90%
Published
2004-02-17
Updated
2018-10-12
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Max CVSS
7.6
EPSS Score
10.33%
Published
2004-06-01
Updated
2018-10-12
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
Max CVSS
5.1
EPSS Score
88.16%
Published
2004-06-01
Updated
2024-02-13
The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213.
Max CVSS
7.2
EPSS Score
0.06%
Published
2004-06-01
Updated
2018-10-12
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
Max CVSS
7.2
EPSS Score
0.06%
Published
2004-06-01
Updated
2018-10-12
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
Max CVSS
7.5
EPSS Score
1.74%
Published
2004-01-05
Updated
2017-10-11
Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line.
Max CVSS
7.5
EPSS Score
4.62%
Published
2004-02-17
Updated
2017-10-10
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
Max CVSS
7.5
EPSS Score
3.43%
Published
2004-01-20
Updated
2017-10-10
Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.
Max CVSS
7.5
EPSS Score
3.47%
Published
2004-01-05
Updated
2017-07-11
Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password.
Max CVSS
7.5
EPSS Score
5.67%
Published
2004-01-05
Updated
2018-10-30
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
Max CVSS
7.5
EPSS Score
2.78%
Published
2004-02-17
Updated
2017-10-10
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
Max CVSS
7.2
EPSS Score
0.05%
Published
2004-01-05
Updated
2018-10-30
Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-03-29
Updated
2017-07-11
429 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!