Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-01-10 CVE-2004-1013 The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. 10.0
10
2005-01-10 CVE-2004-1012 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. 10.0
10
2005-01-10 CVE-2004-1011 Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. 10.0
10
2005-01-10 CVE-2004-1008 Remote SSH2_MSG_DEBUG Buffer Overflow vulnerability in PuTTY
Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.
network
low complexity
putty tortoisecvs
critical
 10.0
10
2005-01-10 CVE-2004-0996 main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
local
low complexity
cscope debian gentoo sco
2.1
2.1
2005-01-10 CVE-2004-0994 Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c.
network
low complexity
zgv debian
critical
 10.0
10
2005-01-10 CVE-2004-0993 Remote Buffer Overflow vulnerability in HP HPSockd 0.4/0.5
Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
network
low complexity
hp
critical
 10.0
10
2005-01-10 CVE-2004-0987 Remote Buffer Overflow vulnerability in Yard Radius
Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.
network
low complexity
yard-radius yard-radius-project
critical
 10.0
10
2005-01-10 CVE-2004-0956 MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
network
low complexity
oracle suse ubuntu
5.0
5.0
2005-01-10 CVE-2004-0953 Remote Buffer Overflow vulnerability in Jabber Software Foundation Jabber Server 2.0
Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long username.
network
low complexity
jabber-software-foundation
critical
 10.0
10