Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-07-07 | CVE-2004-0470 | Unspecified vulnerability in BEA Weblogic Server 7.0/8.1 BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not have a principal-name tag, which can remove intended access restrictions for the associated web application. | 7.5 |
2004-07-07 | CVE-2004-0424 | Integer Overflow vulnerability in Linux Kernel Setsockopt MCAST_MSFILTER Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | 7.2 |
2004-07-07 | CVE-2004-0400 | Unspecified vulnerability in University of Cambridge Exim Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check. | 7.5 |
2004-07-07 | CVE-2004-0399 | Unspecified vulnerability in University of Cambridge Exim 3.35 Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification. | 7.5 |
2004-07-07 | CVE-2004-0398 | Heap Overflow vulnerability in Neon WebDAV Client Library ne_rfc1036_parse Function Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client. | 7.5 |
2004-07-07 | CVE-2004-0397 | Buffer Overflow vulnerability in Subversion 1.0/1.0.1/1.0.2 Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command. | 7.5 |
2004-06-21 | CVE-2004-1345 | Privilege Escalation vulnerability in SUN products Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access. | 7.2 |
2004-06-14 | CVE-2004-0396 | Heap Overflow vulnerability in CVS Malformed Entry Modified and Unchanged Flag Insertion Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines. | 7.5 |
2004-06-14 | CVE-2004-0227 | Remote Buffer Overflow vulnerability in Triornis ZoneMinder Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allow a remote attacker to execute arbitrary code via a long query string. | 7.5 |
2004-06-14 | CVE-2004-0038 | Remote Code Execution vulnerability in Mcafee Epolicy Orchestrator 2.5/2.5.1/3.0 McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81. | 7.5 |