Max CVSS 10.0 Min CVSS 2.1 Total Count30
IDCVSSSummaryLast (major) updatePublished
CVE-2004-0940 6.9
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
17-10-2016 - 22:50 09-02-2005 - 00:00
CVE-2004-0886 5.0
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0885 7.5
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host config
17-10-2016 - 22:49 03-11-2004 - 00:00
CVE-2004-0803 7.5
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
17-10-2016 - 22:49 23-12-2004 - 00:00
CVE-2004-0772 7.5
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0644 5.0
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0643 4.6
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0642 7.5
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0492 10.0
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0488 7.5
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subje
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0174 5.0
Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listeni
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2003-0987 7.5
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
17-10-2016 - 22:38 03-03-2004 - 00:00
CVE-2003-0020 5.0
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
17-10-2016 - 22:28 18-03-2003 - 00:00
CVE-2004-0786 5.0
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
07-03-2011 - 21:16 20-10-2004 - 00:00
CVE-2004-0804 5.0
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452
21-08-2010 - 00:21 03-11-2004 - 00:00
CVE-2004-0751 5.0
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0748 5.0
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0747 4.6
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-1123 5.0
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.
10-09-2008 - 15:29 10-01-2005 - 00:00
CVE-2004-1122 7.5
Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vul
10-09-2008 - 15:29 10-01-2005 - 00:00
CVE-2004-1089 4.6
Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus IMAP allows local users to access mailboxes of other users.
10-09-2008 - 15:28 02-12-2004 - 00:00
CVE-2004-1088 7.5
Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail without authentication by replaying authentication information.
10-09-2008 - 15:28 02-12-2004 - 00:00
CVE-2004-1087 2.1
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user.
10-09-2008 - 15:28 02-12-2004 - 00:00
CVE-2004-1086 7.5
Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitrary code via a crafted PostScript input file.
10-09-2008 - 15:28 02-12-2004 - 00:00
CVE-2004-1085 2.1
Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.
10-09-2008 - 15:28 02-12-2004 - 00:00
CVE-2004-1084 5.0
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
10-09-2008 - 15:28 02-12-2004 - 00:00
CVE-2004-1083 5.0
Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning wit
10-09-2008 - 15:28 03-12-2004 - 00:00
CVE-2004-1121 5.0
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
05-09-2008 - 16:40 01-11-2004 - 00:00
CVE-2004-1082 7.5
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
05-09-2008 - 16:40 03-02-2004 - 00:00
CVE-2004-1081 2.1
The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.
05-09-2008 - 16:40 02-12-2004 - 00:00
Back to Top Mark selected
Back to Top