Buffer overflow of rlogin program using TERM environmental variable.
Max CVSS
10.0
EPSS Score
0.94%
Published
1997-02-06
Updated
2024-02-09
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
Max CVSS
10.0
EPSS Score
0.63%
Published
1997-01-27
Updated
2008-09-09
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
Max CVSS
10.0
EPSS Score
8.59%
Published
1999-02-09
Updated
2022-08-17
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
Max CVSS
10.0
EPSS Score
0.82%
Published
1999-06-12
Updated
2022-08-17
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
Max CVSS
10.0
EPSS Score
0.60%
Published
1999-11-09
Updated
2008-09-09
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
Max CVSS
10.0
EPSS Score
8.41%
Published
2000-07-02
Updated
2018-05-03
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
Max CVSS
10.0
EPSS Score
8.05%
Published
2000-07-16
Updated
2018-05-03
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Max CVSS
10.0
EPSS Score
0.48%
Published
2000-11-14
Updated
2018-10-30
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
Max CVSS
10.0
EPSS Score
2.10%
Published
2000-01-08
Updated
2017-07-11
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
Max CVSS
10.0
EPSS Score
4.50%
Published
2001-03-26
Updated
2017-10-10
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
Max CVSS
10.0
EPSS Score
0.92%
Published
2001-08-14
Updated
2022-01-21
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
Max CVSS
10.0
EPSS Score
29.36%
Published
2002-11-04
Updated
2020-01-21
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
Max CVSS
10.0
EPSS Score
0.95%
Published
2003-03-03
Updated
2018-09-26
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.23%
Published
2004-05-04
Updated
2017-07-11
k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
5.93%
Published
2004-07-07
Updated
2024-02-02
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
Max CVSS
10.0
EPSS Score
1.33%
Published
2004-12-06
Updated
2017-07-11
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
Max CVSS
10.0
EPSS Score
0.37%
Published
2004-08-06
Updated
2017-07-11
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
Max CVSS
10.0
EPSS Score
0.68%
Published
2004-11-03
Updated
2019-12-17
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
Max CVSS
10.0
EPSS Score
7.00%
Published
2005-01-27
Updated
2017-10-11
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
Max CVSS
10.0
EPSS Score
4.64%
Published
2005-01-27
Updated
2017-07-11

CVE-2004-0964

Public exploit
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
Max CVSS
10.0
EPSS Score
16.69%
Published
2005-02-09
Updated
2017-07-11
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.57%
Published
2005-02-09
Updated
2017-07-11
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
Max CVSS
10.0
EPSS Score
8.89%
Published
2005-02-09
Updated
2017-10-11
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
Max CVSS
10.0
EPSS Score
3.52%
Published
2005-01-10
Updated
2017-07-11
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
Max CVSS
10.0
EPSS Score
0.93%
Published
2005-03-01
Updated
2017-07-11
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!