CVSS: 6.8EPSS: 4%CPEs: 8EXPL: 0CVE-2004-1106
https://notcve.org/view.php?id=CVE-2004-1106
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Gallery 1.4.4-pl3 y anteriores permite a atacantes remotos ejecutar script web o HTML de su elección mediante "URL s especialmente malformadas", posiblemente mediante un parámetro include en index.php • http://g3cko.info/gallery2-4.patch http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=142&mode=thread&order=0&thold=0 http://www.debian.org/security/2005/dsa-642 http://www.gentoo.org/security/en/glsa/glsa-200411-10.xml http://www.securityfocus.com/bid/11602 https://exchange.xforce.ibmcloud.com/vulnerabilities/17948 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1116
https://notcve.org/view.php?id=CVE-2004-1116
The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. • http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/18149 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1117
https://notcve.org/view.php?id=CVE-2004-1117
The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. • http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/18149 •
CVSS: 2.1EPSS: 0%CPEs: 21EXPL: 3CVE-2004-0996 – Cscope 13.0/15.x - Insecure Temporary File Creation
https://notcve.org/view.php?id=CVE-2004-0996
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. main.c de cscope 15-4 y 15-5 crea ficheros temporales con nombres predecibles, lo que permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos. • https://www.exploit-db.com/exploits/24750 https://www.exploit-db.com/exploits/24749 http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://marc.info/?l=bugtraq&m=110133485519690&w=2 http://secunia.com/advisories/26235 http://www.debian.org/security/2004/dsa-610 http://www.gentoo.org/security/en/glsa/glsa-200412-11.xml http://www.securityfocus.com/archive/1/381443 http://www.securit •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2004-1107
https://notcve.org/view.php?id=CVE-2004-1107
dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. dispatch-conf en Portage 2.0.51-r2 y anteriores permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque de enlaces simbólicos en ficheros temporales. • http://bugs.gentoo.org/show_bug.cgi?id=69147 http://secunia.com/advisories/13108 http://www.gentoo.org/security/en/glsa/glsa-200411-13.xml http://www.securityfocus.com/bid/11616 https://exchange.xforce.ibmcloud.com/vulnerabilities/17986 •