Filtered by vendor Sgi Subscriptions
Filtered by product Propack Subscriptions
Total 54 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0639 3 Open Webmail, Sgi, Squirrelmail 3 Open Webmail, Propack, Squirrelmail 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.
CVE-2004-0523 5 Mit, Redhat, Sgi and 2 more 8 Kerberos, Kerberos 5, Enterprise Linux and 5 more 2024-11-21 N/A
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
CVE-2004-0521 3 Redhat, Sgi, Squirrelmail 3 Enterprise Linux, Propack, Squirrelmail 2024-11-21 N/A
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
CVE-2004-0520 4 Open Webmail, Redhat, Sgi and 1 more 4 Open Webmail, Enterprise Linux, Propack and 1 more 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
CVE-2004-0519 3 Redhat, Sgi, Squirrelmail 3 Enterprise Linux, Propack, Squirrelmail 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
CVE-2004-0507 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2024-11-21 N/A
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2004-0506 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2024-11-21 N/A
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.
CVE-2004-0505 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2024-11-21 N/A
The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.
CVE-2004-0504 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2024-11-21 N/A
Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.
CVE-2004-0492 6 Apache, Hp, Ibm and 3 more 8 Http Server, Virtualvault, Vvos and 5 more 2024-11-21 N/A
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
CVE-2004-0424 4 Linux, Redhat, Sgi and 1 more 4 Linux Kernel, Enterprise Linux, Propack and 1 more 2024-11-21 N/A
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
CVE-2004-0418 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2024-11-21 N/A
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
CVE-2004-0417 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2024-11-21 N/A
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
CVE-2004-0416 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2024-11-21 N/A
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
CVE-2004-0414 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2024-11-21 N/A
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
CVE-2004-0235 8 Clearswift, F-secure, Rarlab and 5 more 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more 2024-11-21 N/A
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
CVE-2004-0234 8 Clearswift, F-secure, Rarlab and 5 more 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more 2024-11-21 N/A
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
CVE-2004-0233 4 Redhat, Sgi, Slackware and 1 more 5 Enterprise Linux, Linux, Propack and 2 more 2024-11-21 N/A
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
CVE-2004-0232 5 Gentoo, Midnight Commander, Redhat and 2 more 6 Linux, Midnight Commander, Enterprise Linux and 3 more 2024-11-21 N/A
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-0231 5 Gentoo, Midnight Commander, Redhat and 2 more 6 Linux, Midnight Commander, Enterprise Linux and 3 more 2024-11-21 N/A
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."