CVSS: 10.0EPSS: 16%CPEs: 23EXPL: 1CVE-2004-1011 – cryus.imap.2.2.8.txt
https://notcve.org/view.php?id=CVE-2004-1011
24 Nov 2004 — Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. Desbordamiento basado en la pila en Cyrus IMAP Server 2.2.4 a 2.2.8, con la opción imapmagicplus establecida, permite a atacantes remotos ejecuta código de su elección mediante un comando PROXY o LOGIN largo, una vulnerabilidad distinta de CAN-2004-1015. Cryus v2.... • https://packetstorm.news/files/id/36883 •
CVSS: 10.0EPSS: 10%CPEs: 23EXPL: 1CVE-2004-1012 – cryus.imap.2.2.8.txt
https://notcve.org/view.php?id=CVE-2004-1012
24 Nov 2004 — The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. El procesador de argumentos de la orden PARTIAL de Cyrus IMAP Server 2.2.6 y anteriores permite a usuarios remotos autentificados ejecutar código de su elección mediante una cierta orden ("body[p") ... • https://packetstorm.news/files/id/36883 •
CVSS: 10.0EPSS: 33%CPEs: 27EXPL: 0CVE-2004-0882 – Trustix Secure Linux Security Advisory 2004.58
https://notcve.org/view.php?id=CVE-2004-0882
19 Nov 2004 — Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. Samba versions 3 through 3.0.7 suffer from a buffer overflow inside the QFILEPATHINFO request handler. This vulnerability allows for remote code execution. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 6.5EPSS: 6%CPEs: 30EXPL: 1CVE-2004-0930 – Trustix Secure Linux Security Advisory 2004.58
https://notcve.org/view.php?id=CVE-2004-0930
10 Nov 2004 — The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. Remote exploitation of an input validation error in Samba could allow an attacker to consume system resources and potentially cause the target system to crash. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 9.1EPSS: 0%CPEs: 16EXPL: 0CVE-2004-0884 – Debian Linux Security Advisory 568-1
https://notcve.org/view.php?id=CVE-2004-0884
13 Oct 2004 — The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs. A vulnerability has been discovered in the Cyrus implementation of the SASL library, the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. The library honors the environment variable... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134657 •
CVSS: 9.8EPSS: 4%CPEs: 86EXPL: 0CVE-2005-0373
https://notcve.org/view.php?id=CVE-2005-0373
07 Oct 2004 — Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. • http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml •
CVSS: 10.0EPSS: 20%CPEs: 38EXPL: 0CVE-2004-0904
https://notcve.org/view.php?id=CVE-2004-0904
24 Sep 2004 — Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. • http://bugzilla.mozilla.org/show_bug.cgi?id=255067 •
CVSS: 10.0EPSS: 18%CPEs: 34EXPL: 0CVE-2004-0903
https://notcve.org/view.php?id=CVE-2004-0903
24 Sep 2004 — Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. • http://bugzilla.mozilla.org/show_bug.cgi?id=257314 •
CVSS: 8.8EPSS: 6%CPEs: 73EXPL: 0CVE-2004-0802 – dsa-552.txt
https://notcve.org/view.php?id=CVE-2004-0802
24 Sep 2004 — Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. A heap overflow in imlib2 can be utilized by an attacker to execute arbitrary code on the victims machine. • http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup •
CVSS: 10.0EPSS: 18%CPEs: 34EXPL: 0CVE-2004-0902
https://notcve.org/view.php?id=CVE-2004-0902
24 Sep 2004 — Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. • http://bugzilla.mozilla.org/show_bug.cgi?id=226669 •