CVE-2004-2691

Public exploit
Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from third party reports.
Max CVSS
7.1
EPSS Score
96.41%
Published
2004-12-31
Updated
2017-07-29

CVE-2004-2687

Public exploit
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
Max CVSS
9.3
EPSS Score
92.48%
Published
2004-12-31
Updated
2008-09-05

CVE-2004-2416

Public exploit
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
Max CVSS
7.5
EPSS Score
95.76%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2271

Public exploit
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Max CVSS
7.5
EPSS Score
79.81%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2221

Public exploit
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request.
Max CVSS
7.5
EPSS Score
60.63%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2111

Public exploit
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
Max CVSS
8.5
EPSS Score
97.24%
Published
2004-12-31
Updated
2020-07-28

CVE-2004-1638

Public exploit
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
Max CVSS
7.5
EPSS Score
51.13%
Published
2004-10-16
Updated
2017-07-11

CVE-2004-1595

Public exploit
Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.
Max CVSS
7.5
EPSS Score
51.13%
Published
2004-10-13
Updated
2017-07-11

CVE-2004-1561

Public exploit
Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers.
Max CVSS
7.5
EPSS Score
96.50%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1558

Public exploit
Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request.
Max CVSS
7.5
EPSS Score
71.05%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1550

Public exploit
Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on.
Max CVSS
7.5
EPSS Score
1.79%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1389

Public exploit
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature.
Max CVSS
6.0
EPSS Score
4.49%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1388

Public exploit
Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.
Max CVSS
7.5
EPSS Score
66.14%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1373

Public exploit
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
Max CVSS
7.5
EPSS Score
97.16%
Published
2004-12-23
Updated
2017-07-11

CVE-2004-1317

Public exploit
Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.
Max CVSS
7.5
EPSS Score
83.62%
Published
2004-12-27
Updated
2017-07-11

CVE-2004-1315

Public exploit
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm.
Max CVSS
7.5
EPSS Score
96.27%
Published
2004-11-12
Updated
2017-07-11

CVE-2004-0798

Public exploit
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
Max CVSS
7.5
EPSS Score
93.13%
Published
2004-10-20
Updated
2017-10-05

CVE-2004-0795

Public exploit
DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.
Max CVSS
7.2
EPSS Score
1.95%
Published
2004-10-20
Updated
2017-07-11

CVE-2004-0735

Public exploit
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors.
Max CVSS
7.5
EPSS Score
42.99%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0695

Public exploit
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.
Max CVSS
7.5
EPSS Score
87.71%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0636

Public exploit
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message.
Max CVSS
10.0
EPSS Score
91.90%
Published
2004-11-23
Updated
2017-07-11

CVE-2004-0608

Public exploit
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute arbitrary code via a UDP packet containing a secure query with a long value, which overwrites memory.
Max CVSS
10.0
EPSS Score
62.02%
Published
2004-12-06
Updated
2017-07-11

CVE-2004-0541

Public exploit
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
Max CVSS
10.0
EPSS Score
96.32%
Published
2004-08-06
Updated
2018-05-03

CVE-2004-0397

Public exploit
Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.
Max CVSS
7.5
EPSS Score
96.36%
Published
2004-07-07
Updated
2017-07-11

CVE-2004-0363

Public exploit
Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method.
Max CVSS
7.5
EPSS Score
93.82%
Published
2004-04-15
Updated
2017-07-11
35 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!