CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 http://www.securityfocus.com/bid/11501 https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 •
CVE-2004-0886
https://notcve.org/view.php?id=CVE-2004-0886
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 http://marc.info/?l=bugtraq&m=109779465621929&w=2 http://secunia.com/advisories/12818 http://securitytracker.com/id?1011674 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do? •
CVE-2004-0803
https://notcve.org/view.php?id=CVE-2004-0803
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Múltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de búfer, permite a atacantes remotos ejecutar código arbitrario mediante ficheros TIFF. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 http://marc.info/?l=bugtraq&m=109778785107450&w=2 http://scary.beasts.org/security/CESA-2004-006.txt http://secunia.com/advisories/12818 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.debian.org/security/2004/dsa-567 http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml http://www.kb.cert& •
CVE-2004-1613
https://notcve.org/view.php?id=CVE-2004-1613
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. • http://lcamtuf.coredump.cx/mangleme/gallery http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html http://marc.info/?l=bugtraq&m=109811406620511&w=2 http://securitytracker.com/id?1011810 http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.securityfocus.com/bid/11439 https://exchange.xforce.ibmcloud.com/vulnerabilities/17805 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227 •
CVE-2004-0903
https://notcve.org/view.php?id=CVE-2004-0903
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. • http://bugzilla.mozilla.org/show_bug.cgi?id=257314 http://marc.info/?l=bugtraq&m=109698896104418&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml http://www.kb.cert.org/vuls/id/414240 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.securityfocus.com/bid/11174 http://www.us-cert.gov/cas/techalerts& •