Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-27 | CVE-2004-0929 | Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image. | 10.0 |
2005-01-27 | CVE-2004-0927 | Multiple Security vulnerability in Apple Mac OS X ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions. | 5.0 |
2005-01-27 | CVE-2004-0926 | Multiple Security vulnerability in Apple Mac OS X Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. | 10.0 |
2005-01-27 | CVE-2004-0925 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate. | 5.0 |
2005-01-27 | CVE-2004-0924 | Multiple Security vulnerability in Apple Mac OS X NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. | 5.0 |
2005-01-27 | CVE-2004-0923 | Local Password Disclosure vulnerability in CUPS Error_Log CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords. | 2.1 |
2005-01-27 | CVE-2004-0922 | Multiple Security vulnerability in Apple Mac OS X AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. | 5.0 |
2005-01-27 | CVE-2004-0921 | Multiple Security vulnerability in Apple Mac OS X AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. | 7.5 |
2005-01-27 | CVE-2004-0918 | Resource Management Errors vulnerability in multiple products The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | 5.0 |
2005-01-27 | CVE-2004-0917 | Remote Information Disclosure vulnerability in Vignette Application Portal The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activities via an HTTP request to /diag. | 5.0 |