CVSS: 7.5EPSS: 30%CPEs: 48EXPL: 2CVE-2004-0933 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0933
19 Nov 2004 — Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 •
CVSS: 10.0EPSS: 7%CPEs: 36EXPL: 0CVE-2004-0981 – dsa-593.txt
https://notcve.org/view.php?id=CVE-2004-0981
19 Nov 2004 — Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. A vulnerability has been reported for ImageMagick, a commonly used image manipulation library. Due to a boundary error within the EXIF parsing routine, a specially crafted graphic images could lead to the execution of arbitrary code. • http://secunia.com/advisories/12995 •
CVSS: 10.0EPSS: 34%CPEs: 25EXPL: 1CVE-2004-0990 – GD Graphics Library - Local Heap Overflow
https://notcve.org/view.php?id=CVE-2004-0990
28 Oct 2004 — Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. Wait.. No.. what is this? Even more potential integer overflows have been found in the GD graphics library which were not covered by security ad... • https://www.exploit-db.com/exploits/600 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2004-0887
https://notcve.org/view.php?id=CVE-2004-0887
26 Oct 2004 — SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges. • http://secunia.com/advisories/19369 •
CVSS: 10.0EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
26 Oct 2004 — Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 •
CVSS: 10.0EPSS: 4%CPEs: 93EXPL: 0CVE-2004-0888 – dsa-573.txt
https://notcve.org/view.php?id=CVE-2004-0888
26 Oct 2004 — Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. Chris Evans discovered several integer overflows in xpdf, that are also present in CUPS, the Common UNIX Printing System, which can be exploited remotely by a specially crafted PDF document. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 •
CVSS: 10.0EPSS: 8%CPEs: 8EXPL: 0CVE-2004-0929 – iDEFENSE Security Advisory 2004-10-22.t
https://notcve.org/view.php?id=CVE-2004-0929
26 Oct 2004 — Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image. An exploitable heap overflow in the handling of malformed tiff files has been discovered in the latest version of libtiff when JPEG support has been enabled. An attacker can exploit the above-described vulnerability to execute arbitrary code under the permissions of... • http://www.idefense.com/application/poi/display?id=154&type=vulnerabilities •
CVSS: 7.8EPSS: 5%CPEs: 21EXPL: 3CVE-2004-0940 – Apache 1.3.31 mod_include - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0940
26 Oct 2004 — Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. • https://www.exploit-db.com/exploits/587 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 9.8EPSS: 17%CPEs: 74EXPL: 0CVE-2004-0803 – dsa-567.txt
https://notcve.org/view.php?id=CVE-2004-0803
26 Oct 2004 — Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Múltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de búfer, permite a atacantes remotos ejecutar código arbitrario mediante ficheros TIFF. Several problems have been discovered in libtiff, the Ta... • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 7.5EPSS: 11%CPEs: 75EXPL: 1CVE-2004-0886 – dsa-567.txt
https://notcve.org/view.php?id=CVE-2004-0886
26 Oct 2004 — Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. Several problems have been discovered in libtiff, the Tag Image File Format library for processing TIFF graphics files. An attacker could prepare a specially crafted TIFF graphic that would cause the client to execute arbitrary code or crash. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •