Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR | RISK |
| --- | --- | --- | --- | --- | --- |
| 2004-12-06 | CVE-2002-1582 | Remote Command Execution vulnerability in Mailreader.Com 2.3.30/2.3.31 | compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi. | mailreader-com | network, low complexity, critical, 10.0 |
| 2004-12-03 | CVE-2003-1208 | Buffer Overflow vulnerability in Multiple Oracle Database Parameter/Statement | Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions. | oracle | network, low complexity, critical, 10.0 |
| 2004-11-24 | CVE-2004-0308 | Unspecified vulnerability in Cisco Optical Networking Systems Software | Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell. | cisco | network, low complexity, critical, 10.0 |
| 2004-11-23 | CVE-2004-0771 | extract_one Buffer Overflow vulnerability in Tsugio Okamoto LHA 1.14/1.15/1.17 | Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. | tsugio-okamoto | network, low complexity, critical, 10.0 |
| 2004-11-23 | CVE-2004-0636 | Unspecified vulnerability in AOL Instant Messenger 5.5/5.5.3415Beta/5.5.3595 | Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message. | aol | network, low complexity, critical, 10.0 |
| 2004-11-23 | CVE-2004-0597 | Remote vulnerability in LibPNG Graphics Library | Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. | greg-roelofs, microsoft | network, low complexity, critical, 10.0 |
| 2004-11-23 | CVE-2004-0357 | Buffer Overflow vulnerability in Seattle LAB Software Slmail PRO 2.0.9 | Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll. | seattle-lab-software | network, low complexity, critical, 10.0 |
| 2004-11-23 | CVE-2004-0356 | Remote Buffer Overflow vulnerability in Seattle Lab Software SLMail Pro | Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version. | seattle-lab-software | network, low complexity, critical, 10.0 |
| 2004-11-23 | CVE-2004-0354 | Remote Buffer Overflow and Format String vulnerability in GNU Anubis | Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c. | gnu | network, low complexity, critical, 10.0 |
| 2004-11-23 | CVE-2004-0353 | Remote Buffer Overflow and Format String vulnerability in GNU Anubis | Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | gnu | network, low complexity, critical, 10.0 |