High

DATE	CVE	VULNERABILITY TITLE	RISK
2005-04-14	CVE-2004-1176	Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1175	fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1005	Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1004	Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-03-01	CVE-2004-1031	Local vulnerability in Fcron FCronTab/FCronSighUp fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ. local low complexity thibault-godouet gentoo	7.2
2005-02-22	CVE-2005-0535	Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users. network low complexity mediawiki gentoo	7.5
2005-02-09	CVE-2004-0937	Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. network low complexity archive-zip broadcom ca eset-software kaspersky-lab mcafee rav-antivirus sophos gentoo mandrakesoft suse	7.5
2005-01-27	CVE-2004-0936	RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. network low complexity archive-zip broadcom ca eset-software kaspersky-lab mcafee rav-antivirus sophos gentoo mandrakesoft suse	7.5
2005-01-27	CVE-2004-0935	Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. network low complexity archive-zip broadcom ca eset-software kaspersky-lab mcafee rav-antivirus sophos gentoo mandrakesoft suse	7.5
2005-01-27	CVE-2004-0934	Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. network low complexity archive-zip broadcom ca eset-software kaspersky-lab mcafee rav-antivirus sophos gentoo mandrakesoft suse	7.5