Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-03-03 | CVE-2004-0009 | Unspecified vulnerability in Apache-Ssl Apache-SSL 1.3.28+1.52 and earlier, with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth enabled, allows remote attackers to forge a client certificate by using basic authentication with the "one-line DN" of the target user. | 7.5 |
2004-03-03 | CVE-2004-0008 | Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow. | 7.5 |
2004-03-03 | CVE-2004-0007 | Remote Boundary Condition Error vulnerability in Gaim Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
2004-03-03 | CVE-2004-0006 | Remote Boundary Condition Error vulnerability in Gaim Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yahoo login web page, (3) a long value parameter in the Yahoo login page, (4) a YMSG packet, (5) the URL parser, and (6) HTTP proxy connect. | 7.5 |
2004-03-03 | CVE-2003-0818 | Unspecified vulnerability in Microsoft products Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. | 7.5 |
2004-03-03 | CVE-2003-0441 | Buffer Overrun vulnerability in Orville-Write 2.53 Multiple buffer overflows in Orville Write (orville-write) 2.53 and earlier allow local users to gain privileges. | 7.2 |
2004-02-23 | CVE-2004-0324 | Remote Command Execution vulnerability in Confirm E-Mail Header Confirm 0.62 and earlier could allow remote attackers to execute arbitrary code via an e-mail header that contains shell metacharacters such as ", `, |, ;, or $. | 7.5 |
2004-02-17 | CVE-2004-0073 | Remote PHP File Include vulnerability in Stoitsov Easydynamicpages 2.0 PHP remote file inclusion vulnerability in (1) config.php and (2) config_page.php for EasyDynamicPages 2.0 allows remote attackers to execute arbitrary PHP code by modifying the edp_relative_path parameter to reference a URL on a remote web server that contains a malicious serverdata.php script. | 7.5 |
2004-02-17 | CVE-2004-0070 | Remote Command Execution vulnerability in VisualShapers EZContents Module.PHP PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2004-02-17 | CVE-2004-0069 | Unspecified vulnerability in HD Soft Windows FTP Server Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function. | 7.5 |