| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-0505 | 5.0 |
The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.
|
14-02-2024 - 01:17 | 18-08-2004 - 04:00 | |
| CVE-2004-0506 | 5.0 |
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.
|
14-02-2024 - 01:17 | 18-08-2004 - 04:00 | |
| CVE-2004-0507 | 10.0 |
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
|
14-02-2024 - 01:17 | 18-08-2004 - 04:00 | |
| CVE-2004-0504 | 5.0 |
Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.
|
14-02-2024 - 01:17 | 18-08-2004 - 04:00 | |
| CVE-2004-0523 | 10.0 |
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
|
21-01-2020 - 15:47 | 18-08-2004 - 04:00 | |
| CVE-2004-0541 | 10.0 |
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2004-0416 | 10.0 |
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2004-0414 | 10.0 |
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2004-0418 | 10.0 |
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical prog
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2004-0521 | 10.0 |
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
|
11-10-2017 - 01:29 | 18-08-2004 - 04:00 | |
| CVE-2004-0520 | 6.8 |
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
|
11-10-2017 - 01:29 | 18-08-2004 - 04:00 | |
| CVE-2004-0519 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in
|
11-10-2017 - 01:29 | 18-08-2004 - 04:00 |