CVE-2004-1051
- EPSS 1.37%
- Veröffentlicht 01.03.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:54
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
- EPSS 3.58%
- Veröffentlicht 01.03.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:54
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
- EPSS 62.68%
- Veröffentlicht 09.02.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:45
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
- EPSS 3.82%
- Veröffentlicht 09.02.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:47
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
- EPSS 5.84%
- Veröffentlicht 09.02.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:47
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
- EPSS 9.33%
- Veröffentlicht 27.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:36
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabili...
- EPSS 6.21%
- Veröffentlicht 27.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:36
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by C...
CVE-2004-1340
- EPSS 0.4%
- Veröffentlicht 26.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:30
Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.
CVE-2005-0102
- EPSS 3.18%
- Veröffentlicht 24.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:30
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
CVE-2004-0770
- EPSS 0.34%
- Veröffentlicht 10.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:20
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.