Weekly Vulnerabilities Reports > August 16 to 22, 2004
Overview
75 new vulnerabilities reported during this period, including 16 critical vulnerabilities and 18 high severity vulnerabilities. This weekly summary report vulnerabilities in 94 products from 60 vendors including Mozilla, SGI, Gentoo, Apple, and Microsoft. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Path Traversal".
- 61 reported vulnerabilities are remotely exploitables.
- 1 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 75 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 17 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 6 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
16 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-08-18 | CVE-2004-0769 | Mozilla | Unspecified vulnerability in Mozilla Bugzilla Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771. | 10.0 |
2004-08-18 | CVE-2004-0764 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | 10.0 |
2004-08-18 | CVE-2004-0757 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | 10.0 |
2004-08-18 | CVE-2004-0722 | Mozilla Netscape | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. | 10.0 |
2004-08-18 | CVE-2004-0631 | Adobe | Buffer Overflow vulnerability in Adobe Acrobat Reader For Unix UUDecode Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command. | 10.0 |
2004-08-18 | CVE-2004-0630 | Adobe | Remote Arbitrary Code Execution vulnerability in Adobe Acrobat Reader Shell Metacharacter The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command. | 10.0 |
2004-08-18 | CVE-2004-0523 | MIT SGI SUN Tinysofa | Principal Name Buffer Overrun vulnerability in MIT Kerberos 5 KRB5_AName_To_Localname Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | 10.0 |
2004-08-18 | CVE-2004-0521 | SGI Squirrelmail | SQL Injection vulnerability in SquirrelMail SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php. | 10.0 |
2004-08-18 | CVE-2004-0513 | Apple | Security vulnerability in Apple Mac OS X Unspecified vulnerability in Mac OS X before 10.3.4 has unknown impact and attack vectors related to "logging when tracing system calls." | 10.0 |
2004-08-18 | CVE-2004-0487 | Symantec | Remote Code Execution vulnerability in Symantec Norton Antivirus 2.1 A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs. | 10.0 |
2004-08-18 | CVE-2004-0433 | Mplayer Xine | Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets. | 10.0 |
2004-08-18 | CVE-2004-0425 | Netegrity | Heap Overflow vulnerability in Netegrity Sideminder Affiliate Agent 4.0 Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie. | 10.0 |
2004-08-18 | CVE-2004-0234 | Clearswift F Secure Rarlab Redhat SGI Stalker Tsugio Okamoto Winzip | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. | 10.0 |
2004-08-18 | CVE-2004-0226 | Midnight Commander SGI Gentoo Slackware | Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. | 10.0 |
2004-08-18 | CVE-2003-1043 | Mozilla | Multiple vulnerability in Bugzilla SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi. | 10.0 |
2004-08-18 | CVE-2003-1042 | Mozilla | Multiple vulnerability in Bugzilla SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name. | 10.0 |
18 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-08-20 | CVE-2004-1732 | Mydms | SQL Injection Vulnerability And Directory Traversal vulnerability in Mydms 1.4/1.4.1 SQL injection vulnerability in out.ViewFolder.php in MyDMS before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the folderid parameter. | 7.5 |
2004-08-20 | CVE-2004-1728 | British National Corpus | Remote Buffer Overflow vulnerability in British National Corpus SARA Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string. | 7.5 |
2004-08-20 | CVE-2004-1726 | John Bradley | Buffer Overflow and Integer Handling vulnerability in John Bradley XV 3.10A Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. | 7.5 |
2004-08-18 | CVE-2004-1724 | PHP Fusion | Information Disclosure vulnerability in PHP Fusion PHP Fusion 4.0 The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator username and password. | 7.5 |
2004-08-18 | CVE-2004-0779 | Firebirdsql Mozilla | Remote Security vulnerability in Firebird The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site. | 7.5 |
2004-08-18 | CVE-2004-0765 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates. | 7.5 |
2004-08-18 | CVE-2004-0518 | Apple | Remote Security vulnerability in Apple Mac OS X Server Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. | 7.5 |
2004-08-18 | CVE-2004-0432 | Proftpd Project Gentoo Trustix | ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. | 7.5 |
2004-08-18 | CVE-2004-0419 | X ORG Xfree86 Project Gentoo | XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | 7.5 |
2004-08-18 | CVE-2003-1046 | Mozilla | Multiple vulnerability in Bugzilla describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products. | 7.5 |
2004-08-18 | CVE-2003-1044 | Mozilla | Multiple vulnerability in Bugzilla editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID. | 7.5 |
2004-08-17 | CVE-2004-1722 | Merak | Multiple vulnerability in Merak Mail Server 7.5.2 SQL injection vulnerability in calendar.html in Merak Mail Server 5.2.7 allows remote attackers to execute arbitrary SQL statements via the schedule parameter. | 7.5 |
2004-08-16 | CVE-2004-1737 | THE Cacti Group Gentoo | SQL Injection vulnerability in RaXnet Cacti Auth_Login.PHP SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | 7.5 |
2004-08-16 | CVE-2004-1717 | GV | Remote Buffer Overflow vulnerability in GV Postscript and PDF Viewer Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value. | 7.5 |
2004-08-18 | CVE-2004-0514 | Apple | Security vulnerability in Apple Mac OS X Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | 7.2 |
2004-08-18 | CVE-2004-0490 | Cpanel | Local Privilege Escalation vulnerability in cPanel cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529. | 7.2 |
2004-08-18 | CVE-2004-0228 | Linux | Unspecified vulnerability in Linux Kernel 2.6.0 Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges. | 7.2 |
2004-08-18 | CVE-2004-0134 | SGI | Privilege Escalation vulnerability in IRIX Checkpoint and Restart libcpr Library Loading cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process. | 7.2 |
35 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-08-18 | CVE-2004-0520 | Open Webmail SGI Squirrelmail | HTML Injection vulnerability in SquirrelMail Email Header Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. | 6.8 |
2004-08-18 | CVE-2004-0519 | SGI Squirrelmail | Cross-Site Scripting vulnerability in SquirrelMail Folder Name Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. | 6.8 |
2004-08-16 | CVE-2004-1716 | Powie | HTML Injection vulnerability in PScript PForum User Profile Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile. | 6.8 |
2004-08-18 | CVE-2004-0760 | Mozilla | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI. | 6.4 |
2004-08-18 | CVE-2004-0759 | Mozilla | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag. | 6.4 |
2004-08-18 | CVE-2004-0235 | Clearswift F Secure Rarlab Redhat SGI Stalker Tsugio Okamoto Winzip | Buffer Overflow/Directory Traversal vulnerability in Multiple LHA Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. | 6.4 |
2004-08-20 | CVE-2004-1733 | Mydms | SQL Injection Vulnerability And Directory Traversal vulnerability in Mydms 1.4/1.4.1/1.4.2 Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. | 5.0 |
2004-08-20 | CVE-2004-1731 | Mantis | Unspecified vulnerability in Mantis signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address. | 5.0 |
2004-08-20 | CVE-2004-1727 | Working Resources INC | Denial Of Service vulnerability in Working Resources Inc. Badblue 2.50 BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address. | 5.0 |
2004-08-18 | CVE-2004-0839 | Microsoft Avaya Nortel | Internet Explorer in Windows XP SP2, and other versions including 5.01 and 5.5, allows remote attackers to install arbitrary programs via a web page that uses certain styles and the AnchorClick behavior, popup windows, and drag-and-drop capabilities to drop the program in the local startup folder, as demonstrated by "wottapoop.html". | 5.0 |
2004-08-18 | CVE-2004-0767 | Ngsec | Unspecified vulnerability in Ngsec Stackdefender 1.10 NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions. | 5.0 |
2004-08-18 | CVE-2004-0766 | Ngsec | Unspecified vulnerability in Ngsec Stackdefender 2.0 NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwProtectVirtualMemory functions. | 5.0 |
2004-08-18 | CVE-2004-0763 | Mozilla | Unspecified vulnerability in Mozilla Firefox 0.9.1/0.9.2 Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method. | 5.0 |
2004-08-18 | CVE-2004-0762 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box. | 5.0 |
2004-08-18 | CVE-2004-0761 | Mozilla | Unspecified vulnerability in Mozilla Firefox, Mozilla and Thunderbird Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted. | 5.0 |
2004-08-18 | CVE-2004-0758 | Mozilla | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid. | 5.0 |
2004-08-18 | CVE-2004-0503 | Microsoft | Unspecified vulnerability in Microsoft Outlook 2003 Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502. | 5.0 |
2004-08-18 | CVE-2004-0502 | Microsoft | Unspecified vulnerability in Microsoft Outlook 2003 Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI. | 5.0 |
2004-08-18 | CVE-2004-0501 | Microsoft | Unspecified vulnerability in Microsoft Outlook 2003 Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a URL from a remote site via an HTML e-mail message containing a Vector Markup Language (VML) entity whose src parameter points to the remote site, which could allow remote attackers to know when a message has been read, verify valid e-mail addresses, and possibly leak other information. | 5.0 |
2004-08-18 | CVE-2004-0476 | 3Com | Remote 812 ADSL Router Telnet Buffer Overflow vulnerability in 3Com 3Cp4144 1.1.9.4 Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 allows remote attackers to cause a denial of service (reboot or packet loss) via a long string containing Telnet escape characters to the Telnet port. | 5.0 |
2004-08-18 | CVE-2004-0412 | GNU | Password Retrieval vulnerability in GNU Mailman Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | 5.0 |
2004-08-18 | CVE-2004-0375 | Symantec | Remote Denial Of Service vulnerability in Symantec Client Firewall Products SYMNDIS.SYS Driver SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero. | 5.0 |
2004-08-18 | CVE-2004-0232 | Midnight Commander SGI Gentoo Slackware | Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. | 5.0 |
2004-08-18 | CVE-2004-0230 | Oracle Openpgp Mcafee Netbsd Xinuos Juniper | TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | 5.0 |
2004-08-18 | CVE-2003-1045 | Mozilla | Multiple vulnerability in Bugzilla votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter. | 5.0 |
2004-08-17 | CVE-2004-1721 | Merak | Multiple vulnerability in Merak Mail Server 5.2.7 The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attackers to read arbitrary PHP files via a direct HTTP request to port 32000. | 5.0 |
2004-08-17 | CVE-2004-1720 | Merak | Multiple vulnerability in Merak Mail Server 7.4.5 The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. | 5.0 |
2004-08-18 | CVE-2004-0517 | Apple | Security vulnerability in Apple Mac OS X Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. | 4.6 |
2004-08-18 | CVE-2004-0516 | Apple | Security vulnerability in Apple Mac OS X Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | 4.6 |
2004-08-18 | CVE-2004-0515 | Apple | Security vulnerability in Apple Mac OS X Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files." | 4.6 |
2004-08-18 | CVE-2004-0229 | Gentoo Linux | Unspecified vulnerability in Linux kernel Framebuffer Code The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact. | 4.6 |
2004-08-21 | CVE-2004-1735 | Sympa | HTML Injection vulnerability in Sympa New List Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. | 4.3 |
2004-08-20 | CVE-2004-1729 | Nihuo Software | HTML Injection vulnerability in Nihuo Software web LOG Analyzer 1.6 Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | 4.3 |
2004-08-18 | CVE-2004-0175 | Openbsd | Path Traversal vulnerability in Openbsd Openssh Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. | 4.3 |
2004-08-17 | CVE-2004-1719 | Merak | Multiple vulnerability in Merak Mail Server 7.4.5 Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message. | 4.3 |
6 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2004-08-18 | CVE-2004-0435 | Freebsd | Buffer Cache Implementation vulnerability in FreeBSD Msync(2) System Call Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. | 3.6 |
2004-08-18 | CVE-2004-0394 | Linux | Buffer Overflow vulnerability in Linux Kernel 2.6.20.1 A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. | 2.1 |
2004-08-18 | CVE-2004-0233 | SGI Utempter Slackware | Local vulnerability in UTempter Utempter allows device names that contain .. | 2.1 |
2004-08-18 | CVE-2004-0231 | Midnight Commander SGI Gentoo Slackware | Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." | 2.1 |
2004-08-18 | CVE-2003-0193 | Catdoc | Local Insecure Temporary File Creation vulnerability in CatDoc XLSView msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names ("word$$.html"). | 2.1 |
2004-08-17 | CVE-2004-1718 | Pedestal Software | Local Denial Of Service vulnerability in Pedestal Software Integrity Protection Driver 1.2/1.3/1.4 The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. | 2.1 |