| 2004-08-06 | CVE-2004-0548 | Stack Buffer Overflow vulnerability in GNU Aspell
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option. | 7.2 |
| 2004-08-06 | CVE-2004-0535 | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. | 2.1 |
| 2004-08-06 | CVE-2004-0495 | Device Driver vulnerability in Linux Kernel
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | 7.2 |
| 2004-08-06 | CVE-2004-0418 | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | 10.0 |
| 2004-08-06 | CVE-2004-0417 | Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | 5.0 |
| 2004-08-06 | CVE-2004-0416 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. | 10.0 |
| 2004-08-06 | CVE-2004-0414 | CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | 10.0 |
| 2004-07-27 | CVE-2004-0700 | Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | 7.5 |
| 2004-05-04 | CVE-2004-0386 | Remote HTTP Header Buffer Overflow vulnerability in MPlayer
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. | 10.0 |
| 2004-05-02 | CVE-2004-1983 | Denial Of Service vulnerability in PaX 2.6 Kernel Patch
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. | 2.1 |