CVSS: 10.0EPSS: 13%CPEs: 34EXPL: 0CVE-2004-0903
https://notcve.org/view.php?id=CVE-2004-0903
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. • http://bugzilla.mozilla.org/show_bug.cgi?id=257314 http://marc.info/?l=bugtraq&m=109698896104418&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml http://www.kb.cert.org/vuls/id/414240 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.securityfocus.com/bid/11174 http://www.us-cert.gov/cas/techalerts& •
CVSS: 10.0EPSS: 56%CPEs: 34EXPL: 0CVE-2004-0902
https://notcve.org/view.php?id=CVE-2004-0902
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. • http://bugzilla.mozilla.org/show_bug.cgi?id=226669 http://bugzilla.mozilla.org/show_bug.cgi?id=245066 http://bugzilla.mozilla.org/show_bug.cgi?id=256316 http://bugzilla.mozilla.org/show_bug.cgi?id=258005 http://marc.info/? •
CVSS: 4.6EPSS: 2%CPEs: 62EXPL: 1CVE-2004-0905
https://notcve.org/view.php?id=CVE-2004-0905
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. • http://bugzilla.mozilla.org/show_bug.cgi?id=250862 http://marc.info/?l=bugtraq&m=109698896104418&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://security.gentoo.org/glsa/glsa-200409-26.xml http://www.kb.cert.org/vuls/id/651928 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.securityfocus.com/bid/11177 http://www.us-cert.gov/cas/techalerts& •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2004-0619
https://notcve.org/view.php?id=CVE-2004-0619
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow. Desbordamiento de enteros en la función ubsec_keysetup del controlador de Linux Broadcom 5820 cryptonet permite a usuarios locales causar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante una variable add_dsa_buf_bytes negativa, lo que conduce a un desbordamiento de búfer. • http://marc.info/?l=bugtraq&m=108802653409053&w=2 http://secunia.com/advisories/11936 http://www.ciac.org/ciac/bulletins/p-047.shtml http://www.redhat.com/support/errata/RHSA-2004-549.html http://www.redhat.com/support/errata/RHSA-2005-283.html http://www.securityfocus.com/bid/10599 https://exchange.xforce.ibmcloud.com/vulnerabilities/16459 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773 https://access.redhat.com/security/cve/CVE-2 •
CVSS: 10.0EPSS: 2%CPEs: 28EXPL: 0CVE-2004-0461
https://notcve.org/view.php?id=CVE-2004-0461
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. El demonio DHCP (DHCPD) de ISC DHCP 3.0.1rc12 y 3.0.1rc13, cuando se compila en entornos que no proveen la función vsnprintf, usa ficheros de inclusión de C que definen vsnprintf usando la función menos segura vsprintf, lo que puede ocasionar vulnerabilidades de desbordamiento de búfer que permitan una denegación de servicio (caída del servidor) y la ejecución de código arbitrario. • http://marc.info/?l=bugtraq&m=108795911203342&w=2 http://marc.info/?l=bugtraq&m=108843959502356&w=2 http://marc.info/?l=bugtraq&m=108938625206063&w=2 http://secunia.com/advisories/23265 http://www.kb.cert.org/vuls/id/654390 http://www.mandriva.com/security/advisories?name=MDKSA-2004:061 http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html http://www.securityfocus.com/bid/10591 http://www.us-cert.gov/cas/techalerts/TA04-174A.html http:/ •