Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2004-08-06	CVE-2004-0418	serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. network low complexity cvs openpkg sgi gentoo openbsd critical	10.0
2004-08-06	CVE-2004-0416	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. network low complexity cvs openpkg sgi gentoo openbsd CWE-119 critical	10.0
2004-08-06	CVE-2004-0414	CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. network low complexity cvs openpkg sgi gentoo openbsd critical	10.0
2004-05-04	CVE-2004-0386	Remote HTTP Header Buffer Overflow vulnerability in MPlayer Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. network low complexity mplayer gentoo mandrakesoft critical	10.0
2003-12-31	CVE-2003-1422	Unspecified vulnerability in Gentoo Syslinux 2.0.1 Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors. network low complexity gentoo critical	10.0
2003-10-06	CVE-2003-0694	The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. network low complexity sendmail sgi apple compaq freebsd gentoo hp ibm netbsd sun turbolinux critical	10.0