Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1270 | lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. | 2.1 |
| 2005-01-10 | CVE-2004-1269 | lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | 5.0 |
| 2005-01-10 | CVE-2004-1268 | lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. | 2.1 |
| 2005-01-10 | CVE-2004-1267 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. | 6.5 |
| 2005-01-10 | CVE-2004-1266 | Remote Security vulnerability in Jacob Rhoden Csv2Xml 0.5.1 Buffer overflow in the get_field_headers function in csv2xml.cpp for csv2xml 0.5.1 allows remote attackers to execute arbitrary code via a crafted CSV file. | 10.0 |
| 2005-01-10 | CVE-2004-1265 | Remote Security vulnerability in Alex Dunaevsky Convex 3D 0.8Pre1 Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex 3D 0.8pre1 allows remote attackers to execute arbitrary code via a crafted 3DS file. | 10.0 |
| 2005-01-10 | CVE-2004-1264 | Unspecified vulnerability in Chbg 1.5 Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to execute arbitrary code via a crafted chbg scenario file. | 10.0 |
| 2005-01-10 | CVE-2004-1263 | Denial-Of-Service vulnerability in ChangePassword changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious "make" program. | 7.2 |
| 2005-01-10 | CVE-2004-1262 | Remote Security vulnerability in Stuart Cunningham Bsb2Ppm 0.0.6 Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm 0.0.6 allows remote attackers to execute arbitrary code via crafted BSB pictures. | 10.0 |
| 2005-01-10 | CVE-2004-1261 | Remote Security vulnerability in Asp2PHP 0.76.23 Multiple buffer overflows in the preparse function in asp2php 0.76.23 allow remote attackers to execute arbitrary code via crafted ASP scripts. | 10.0 |