Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-09-16 | CVE-2004-1689 | Information Disclosure vulnerability in Todd Miller Sudo 1.6.8 sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit. | 2.1 |
| 2004-09-13 | CVE-2004-1683 | Local Command Execution vulnerability in QNX CRTTrap Path Environment Variable A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap. | 3.7 |
| 2004-09-13 | CVE-2004-0838 | Unspecified vulnerability in Lexar Jumpdrive Secure Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive. | 2.1 |
| 2004-09-08 | CVE-2004-0851 | Symbolic Link vulnerability in Ulrich Callmeier Net-Acct 0.6/0.7/0.71 The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 2.1 |
| 2004-08-18 | CVE-2004-0435 | Buffer Cache Implementation vulnerability in FreeBSD Msync(2) System Call Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | 3.6 |
| 2004-08-18 | CVE-2004-0394 | Buffer Overflow vulnerability in Linux Kernel 2.6.20.1 A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. | 2.1 |
| 2004-08-18 | CVE-2004-0233 | Local vulnerability in UTempter Utempter allows device names that contain .. | 2.1 |
| 2004-08-18 | CVE-2004-0231 | Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." | 2.1 |
| 2004-08-18 | CVE-2003-0193 | Local Insecure Temporary File Creation vulnerability in CatDoc XLSView msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names ("word$$.html"). | 2.1 |
| 2004-08-17 | CVE-2004-1718 | Local Denial Of Service vulnerability in Pedestal Software Integrity Protection Driver 1.2/1.3/1.4 The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. | 2.1 |