CVSS: 9.1EPSS: 0%CPEs: 32EXPL: 3CVE-2005-0156 – Setuid perl - 'PerlIO_Debug()' Local Overflow
https://notcve.org/view.php?id=CVE-2005-0156
07 Feb 2005 — Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. The PerlIO package for Perl 5.8.0 suffers from a flaw where PERLIO_DEBUG is susceptible to a buffer overflow that allows for local root compromise when using setuid perl. • https://packetstorm.news/files/id/36092 •
CVSS: 9.1EPSS: 0%CPEs: 59EXPL: 0CVE-2004-1184 – dsa-654.txt
https://notcve.org/view.php?id=CVE-2004-1184
21 Jan 2005 — The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. Several security problems have been discovered in enscript. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html •
CVSS: 8.8EPSS: 3%CPEs: 57EXPL: 1CVE-2005-0005 – iDEFENSE Security Advisory 2005-01-17.t
https://notcve.org/view.php?id=CVE-2005-0005
18 Jan 2005 — Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. Remote exploitation of a buffer overflow vulnerability in The ImageMagick's Project's ImageMagick PSD image-decoding module could allow an attacker to execute arbitrary code. Versions 6.1.7 and below are affected. • http://marc.info/?l=bugtraq&m=110608222117215&w=2 •
CVSS: 9.8EPSS: 5%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
31 Dec 2004 — Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 •
CVSS: 8.8EPSS: 5%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
21 Dec 2004 — Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 6%CPEs: 61EXPL: 0CVE-2004-1139 – Ethereal Security Advisory 16
https://notcve.org/view.php?id=CVE-2004-1139
15 Dec 2004 — Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). Multiple vulnerabilities in Ethereal versions 0.9.0 to 0.10.7 have been discovered that all result in denial of service outcomes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 •
CVSS: 7.5EPSS: 8%CPEs: 61EXPL: 0CVE-2004-1142 – Ethereal Security Advisory 16
https://notcve.org/view.php?id=CVE-2004-1142
15 Dec 2004 — Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. Multiple vulnerabilities in Ethereal versions 0.9.0 to 0.10.7 have been discovered that all result in denial of service outcomes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 •
CVSS: 9.1EPSS: 6%CPEs: 61EXPL: 0CVE-2004-1145 – KDE Security Advisory 2004-12-20.1
https://notcve.org/view.php?id=CVE-2004-1145
15 Dec 2004 — Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. KDE Security Advisory: Two flaws in the Konqueror webbrowser make it possible to by pass the sandbox environment which is used to run Java-applets. One flaw allows access to restricted Java classes via JavaSc... • http://marc.info/?l=bugtraq&m=110356286722875&w=2 •
CVSS: 6.5EPSS: 1%CPEs: 43EXPL: 4CVE-2004-1613
https://notcve.org/view.php?id=CVE-2004-1613
18 Oct 2004 — Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. • http://lcamtuf.coredump.cx/mangleme/gallery •
CVSS: 6.8EPSS: 3%CPEs: 21EXPL: 2CVE-2004-0639 – SquirrelMail 1.2.x - From Email Header HTML Injection
https://notcve.org/view.php?id=CVE-2004-0639
09 Jul 2004 — Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados en Squirrelmail 1.2.10 y anteriores permiten a atacantes remotos inyectar HTML o script d... • https://www.exploit-db.com/exploits/24167 •