CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1336
https://notcve.org/view.php?id=CVE-2004-1336
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286370 http://marc.info/?l=bugtraq&m=110383942014839&w=2 http://www.securityfocus.com/bid/12100 https://exchange.xforce.ibmcloud.com/vulnerabilities/18708 •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 1CVE-2004-1304 – File ELF 4.x - Header Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1304
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. • https://www.exploit-db.com/exploits/24784 http://securitytracker.com/id?1012433 http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml http://www.securityfocus.com/bid/11771 http://www.trustix.net/errata/2004/0063 https://exchange.xforce.ibmcloud.com/vulnerabilities/18368 •
CVSS: 7.5EPSS: 4%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/539110 http://www.us-cert.gov/cas/techalerts/TA05-136A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 https: •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2004-1025
https://notcve.org/view.php?id=CVE-2004-1025
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. Múltiples desbordamientos de búfer basados en el montón en imlib 1.9.14 y anteriores, que es usado en gkrellm y varios gestores de ventas, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) y ejecutar código de su elección mediante ciertos ficheros de imágenes. • http://www.mandriva.com/security/advisories?name=MDKSA-2005:007 http://www.redhat.com/support/errata/RHSA-2004-651.html http://www.securityfocus.com/bid/11830 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10786 https://access.redhat.com/security/cve/CVE-2004-1025 https://bugzilla.redhat.com/show_bug.cgi?id=1617354 •
CVSS: 10.0EPSS: 8%CPEs: 40EXPL: 0CVE-2004-0914 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0914
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. Múltiples vulnerabilidades en libXpm 6.8.1 y anteriores, usada en XFree86 y otros paquetes, incluyendo (1) múltiples desbordamientos de enteros, (2) accesos de memoria fuera de límites, (3) atravesamiento de directorios, (4) metacaractéres de shell, (5) bucles infinitos, y (6) filtraciones de memoria podrían permitir a atacantes remotos obtener información sensible, causar una denegación de servicio (caída de aplicación) o ejecutar código de su elección mediante un cierto fichero de imagen XPM. • http://rhn.redhat.com/errata/RHSA-2004-537.html http://secunia.com/advisories/13224 http://www.debian.org/security/2004/dsa-607 http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml http://www.linuxsecurity.com/content/view/106877/102 http://www.mandriva.com/security/advisories?name=MDKSA-2004:137 http://www.redhat.com/archives/fedora-legacy- •