CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1336
https://notcve.org/view.php?id=CVE-2004-1336
23 Dec 2004 — The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286370 •
CVSS: 10.0EPSS: 5%CPEs: 16EXPL: 1CVE-2004-1304 – File ELF 4.x - Header Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1304
22 Dec 2004 — Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. • https://www.exploit-db.com/exploits/24784 •
CVSS: 8.8EPSS: 5%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
21 Dec 2004 — Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 10.0EPSS: 0%CPEs: 40EXPL: 0CVE-2004-0914 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0914
15 Dec 2004 — Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candida... • http://rhn.redhat.com/errata/RHSA-2004-537.html •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2004-1025
https://notcve.org/view.php?id=CVE-2004-1025
15 Dec 2004 — Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. Múltiples desbordamientos de búfer basados en el montón en imlib 1.9.14 y anteriores, que es usado en gkrellm y varios gestores de ventas, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) y ejecutar código de su elección mediante cie... • http://www.mandriva.com/security/advisories?name=MDKSA-2005:007 •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2004-1026
https://notcve.org/view.php?id=CVE-2004-1026
10 Dec 2004 — Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. Múltiples desbordamientos de búfer en el manejador de imágenes de imlib 1.9.14 y anteriores, que es usado en gkrellm y varios gestores de ventanas, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) y ejecutar código arbitr... • http://www.debian.org/security/2005/dsa-628 •
CVSS: 8.8EPSS: 4%CPEs: 6EXPL: 2CVE-2004-1161 – RSSH 2.x - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2004-1161
10 Dec 2004 — rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S. • https://www.exploit-db.com/exploits/24795 •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1CVE-2004-1162
https://notcve.org/view.php?id=CVE-2004-1162
10 Dec 2004 — The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via the (1) -rshcmd or (2) -sshcmd flags. • http://marc.info/?l=bugtraq&m=110202047507273&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2004-1167
https://notcve.org/view.php?id=CVE-2004-1167
10 Dec 2004 — mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack. • http://secunia.com/advisories/13392 •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 3CVE-2004-0996 – Cscope 13.0/15.x - Insecure Temporary File Creation
https://notcve.org/view.php?id=CVE-2004-0996
01 Dec 2004 — main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. main.c de cscope 15-4 y 15-5 crea ficheros temporales con nombres predecibles, lo que permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos. • https://www.exploit-db.com/exploits/24750 •