Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-07-27 | CVE-2004-0703 | Unspecified vulnerability in Mozilla Bugzilla Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users with "grant membership" privileges to grant memberships to groups that the user does not control. | 7.5 |
2004-07-27 | CVE-2004-0700 | Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | 7.5 |
2004-07-27 | CVE-2004-0695 | Remote Security vulnerability in WebSTAR Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command. | 7.5 |
2004-07-27 | CVE-2004-0632 | Unspecified vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow. | 7.5 |
2004-07-27 | CVE-2004-0566 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.0.1/5.5 Integer overflow in imgbmp.cxx for Windows 2000 allows remote attackers to execute arbitrary code via a BMP image with a large bfOffBits value. | 7.5 |
2004-07-27 | CVE-2003-1048 | Double Free vulnerability in Microsoft products Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. | 7.8 |
2004-07-24 | CVE-2004-2053 | Remote File Include vulnerability in Easyins Stadtportal4.0 PHP remote file inclusion vulnerability in index.php in EasyIns Stadtportal 4 allows remote attackers to execute arbitrary PHP code via the site parameter. | 7.5 |
2004-07-07 | CVE-2004-0486 | Remote Code Execution vulnerability in Apple Mac OS X Help Protocol HelpViewer in Mac OS X 10.3.3 and 10.2.8 processes scripts that it did not initiate, which can allow attackers to execute arbitrary code, an issue that was originally reported as a directory traversal vulnerability in the Safari web browser using the runscript parameter in a help: URI handler. | 7.6 |
2004-07-07 | CVE-2004-0470 | Unspecified vulnerability in BEA Weblogic Server 7.0/8.1 BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not have a principal-name tag, which can remove intended access restrictions for the associated web application. | 7.5 |
2004-07-07 | CVE-2004-0424 | Integer Overflow vulnerability in Linux Kernel Setsockopt MCAST_MSFILTER Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | 7.2 |