Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by causing cvsup to link against malicious libraries that are created in world-writable directories such as /usr/src/packages.
Max CVSS
4.6
EPSS Score
0.04%
Published
2004-01-29
Updated
2017-07-11
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-01-27
Updated
2017-07-11
Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to execute arbitrary code via a long filename.
Max CVSS
7.5
EPSS Score
18.29%
Published
2004-01-29
Updated
2017-07-11
Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request.
Max CVSS
7.5
EPSS Score
24.72%
Published
2004-01-03
Updated
2017-07-11
Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings.
Max CVSS
7.5
EPSS Score
0.71%
Published
2004-01-20
Updated
2017-07-11
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
Max CVSS
7.5
EPSS Score
2.14%
Published
2004-01-20
Updated
2017-10-10
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
Max CVSS
7.5
EPSS Score
13.33%
Published
2004-01-20
Updated
2017-10-11
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
Max CVSS
7.2
EPSS Score
0.05%
Published
2004-01-05
Updated
2018-10-30
Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password.
Max CVSS
7.5
EPSS Score
5.67%
Published
2004-01-05
Updated
2018-10-30
Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.
Max CVSS
7.5
EPSS Score
3.47%
Published
2004-01-05
Updated
2017-07-11
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
Max CVSS
7.5
EPSS Score
3.43%
Published
2004-01-20
Updated
2017-10-10
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
Max CVSS
7.5
EPSS Score
1.74%
Published
2004-01-05
Updated
2017-10-11
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!