CVSS: 9.8EPSS: 17%CPEs: 74EXPL: 0CVE-2004-0803
https://notcve.org/view.php?id=CVE-2004-0803
26 Oct 2004 — Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Múltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de búfer, permite a atacantes remotos ejecutar código arbitrario mediante ficheros TIFF. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 7.5EPSS: 11%CPEs: 75EXPL: 1CVE-2004-0886
https://notcve.org/view.php?id=CVE-2004-0886
26 Oct 2004 — Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2004-0834
https://notcve.org/view.php?id=CVE-2004-0834
20 Oct 2004 — Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. Vulnerabilidad de cadena de formato en Speedtouch USB driver anteriores a 1.3.1 permite a usuarios locales ejecutar código de su elección mediante modem_run pppoa2, o pppoa3 • http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734 •
CVSS: 5.5EPSS: 0%CPEs: 26EXPL: 0CVE-2004-0975
https://notcve.org/view.php?id=CVE-2004-0975
20 Oct 2004 — The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302 •
CVSS: 8.8EPSS: 6%CPEs: 73EXPL: 0CVE-2004-0802
https://notcve.org/view.php?id=CVE-2004-0802
24 Sep 2004 — Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. • http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup •
CVSS: 9.1EPSS: 3%CPEs: 73EXPL: 0CVE-2004-0817
https://notcve.org/view.php?id=CVE-2004-0817
17 Sep 2004 — Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 •
CVSS: 8.8EPSS: 3%CPEs: 73EXPL: 0CVE-2004-0827
https://notcve.org/view.php?id=CVE-2004-0827
16 Sep 2004 — Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. • http://secunia.com/advisories/28800 •
CVSS: 9.1EPSS: 1%CPEs: 27EXPL: 0CVE-2004-0746
https://notcve.org/view.php?id=CVE-2004-0746
14 Sep 2004 — Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. Konqueror en KDE 3.2.3 Y anteriores pemiten a sitios web establecer cookies para dominios de nivel superior específicos de países, como ltd.uk o com.es, lo que podría permitir a atacantes remotos realizar un ataque de fijación de sesión y secuestrar una sesión... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864 •
CVSS: 7.5EPSS: 9%CPEs: 27EXPL: 0CVE-2004-0807
https://notcve.org/view.php?id=CVE-2004-0807
13 Sep 2004 — Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. • ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2004-0565
https://notcve.org/view.php?id=CVE-2004-0565
08 Jul 2004 — Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit. Fuga de información de punto flotante en el código de cambio de contexto de Linux 2.4.x sólo comprueba el bit MFH pero no verifica el propietario de FPH, lo que permite a usuarios locales leer valores de registros de otros procesos estableciendo el bit MFH. • http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html •