Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-03-15 | CVE-2004-0190 | Unspecified vulnerability in Symantec products: Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges. | 7.5 |
2004-03-15 | CVE-2004-0189 | Unspecified vulnerability in Squid: The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists. | 7.5 |
2004-03-15 | CVE-2004-0188 | Unspecified vulnerability in Calife 2.8.4C/2.8.5: Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password. | 7.2 |
2004-03-15 | CVE-2004-0186 | Local Privilege Elevation vulnerability in Linux Kernel Samba Share: smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted. | 7.2 |
2004-03-15 | CVE-2004-0172 | Local Command Line Parameter Heap Overflow vulnerability in Juan Cespedes Ltrace 0.3.10: Heap-based buffer overflow in the search_for_command function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. | 7.2 |
2004-03-15 | CVE-2004-0167 | Remote vulnerability in Multiple Apple Mac OS X Local And: DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | 7.5 |
2004-03-15 | CVE-2004-0159 | Remote Format String vulnerability in Samhain Labs HSFTP: Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" command. | 7.5 |
2004-03-15 | CVE-2004-0110 | Remote URI Parsing Buffer Overrun vulnerability in libxml2: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. | 7.5 |
2004-03-15 | CVE-2004-0094 | Buffer Overflow vulnerability in XFree86 Direct Rendering Infrastructure: Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI). | 7.5 |
2004-03-15 | CVE-2004-0093 | Buffer Overflow vulnerability in XFree86 Direct Rendering Infrastructure: XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI). | 7.5 |