Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-0555 | Unspecified vulnerability in GNU Queue Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code. | 7.5 |
2004-12-31 | CVE-2004-0390 | Unspecified vulnerability in SCO Openserver 5.0.5/5.0.6/5.0.7 SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods. | 7.5 |
2004-12-31 | CVE-2004-0369 | Remote IPsec/ISAKMP Buffer Overflow vulnerability in Entrust LibKMP ISAKMP Library Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. | 7.5 |
2004-12-31 | CVE-2004-0323 | Unspecified vulnerability in XMB Forum XMB 1.8/1.8Sp1/1.8Sp2 Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. | 7.5 |
2004-12-27 | CVE-2004-1317 | Remote Security vulnerability in Netcat Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command. | 7.5 |
2004-12-23 | CVE-2004-1373 | Unspecified vulnerability in Nullsoft Shoutcast Server 1.9.4 Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file. | 7.5 |
2004-12-23 | CVE-2004-1337 | The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. | 7.2 |
2004-12-23 | CVE-2004-0998 | Unspecified vulnerability in Telnetd and Telnetd-Ssl Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code. | 7.5 |
2004-12-23 | CVE-2004-0873 | Unspecified vulnerability in Apple Ichat and Ichat AV Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program. | 7.5 |
2004-12-23 | CVE-2004-0867 | Permissions, Privileges, and Access Controls vulnerability in multiple products Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | 7.5 |