Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-11-03 | CVE-2004-0209 | Remote Buffer Overflow vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer." | 10.0 |
2004-10-26 | CVE-2004-1636 | Remote Buffer Overflow vulnerability in NET Integration Technologies Inc. Wvtftp 0.9 Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet. | 10.0 |
2004-10-23 | CVE-2004-1628 | USE of Externally-Controlled Format String vulnerability in Pizzashack Rssh Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code. | 9.0 |
2004-10-20 | CVE-2004-0772 | Double Free vulnerability in multiple products Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. | 9.8 |
2004-09-28 | CVE-2004-0745 | Unspecified vulnerability in Tsugio Okamoto LHA LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name. | 10.0 |
2004-09-28 | CVE-2004-0200 | Unspecified vulnerability in Microsoft products Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. | 9.3 |
2004-09-20 | CVE-2004-1695 | Authentication Bypass And Denial Of Service vulnerability in Emulive Server4 Commercebuild7560 EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to bypass authentication for the remote administration feature via a URL that contains an extra leading / (slash). | 10.0 |
2004-08-18 | CVE-2004-0769 | Unspecified vulnerability in Mozilla Bugzilla Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771. | 10.0 |
2004-08-18 | CVE-2004-0764 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | 10.0 |
2004-08-18 | CVE-2004-0757 | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | 10.0 |