CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2004-1027
https://notcve.org/view.php?id=CVE-2004-1027
Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027348.html http://lwn.net/Articles/121827 http://security.gentoo.org/glsa/glsa-200411-29.xml http://www.debian.org/security/2005/dsa-628 http://www.debian.org/security/2005/dsa-652 http://www.redhat.com/support/errata/RHSA-2005-007.html http://www.securityfocus.com/bid/11436 https://exchange.xforce.ibmcloud.com/vulnerabilities/17684 https://access.redhat.com/security/cve/CVE-2004-1027 https://bugzilla.re •
CVSS: 7.5EPSS: 1%CPEs: 52EXPL: 0CVE-2004-0986
https://notcve.org/view.php?id=CVE-2004-0986
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. • http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html http://www.ciac.org/ciac/bulletins/p-026.shtml http://www.debian.org/security/2004/dsa-580 http://www.mandriva.com/security/advisories?name=MDKSA-2004:125 http://www.securityfocus.com/bid/11570 https://bugzilla.fedora.us/show_bug.cgi?id=2252 https://exchange.xforce.ibmcloud.com/vulnerabilities/17928 https://www.ubuntu.com/usn/usn-81-1 •
CVSS: 10.0EPSS: 7%CPEs: 93EXPL: 0CVE-2004-0888
https://notcve.org/view.php?id=CVE-2004-0888
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 http://marc.info/?l=bugtraq&m=109880927526773&w=2 http://marc.info/?l=bugtraq&m=110815379627883&w=2 http://www.debian.org/security/2004/dsa-573 http://www.debian.org/security/2004/dsa-581 http://www.debian.org/security/2004/dsa-599 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml http://www.mandriva.com/security/ •
CVSS: 10.0EPSS: 4%CPEs: 93EXPL: 0CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 http://www.securityfocus.com/bid/11501 https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 •
CVSS: 10.0EPSS: 16%CPEs: 12EXPL: 7CVE-2004-0964 – Zinf Audio Player 2.2.1 - '.pls' Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2004-0964
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file. • https://www.exploit-db.com/exploits/7887 https://www.exploit-db.com/exploits/16688 https://www.exploit-db.com/exploits/559 https://www.exploit-db.com/exploits/7888 https://www.exploit-db.com/exploits/8267 https://www.exploit-db.com/exploits/17600 http://marc.info/?l=bugtraq&m=109608092609200&w=2 http://marc.info/?l=bugtraq&m=109638486728548&w=2 http://secunia.com/advisories/12656 http://securityreason.com/securityalert/8341 http://www.debian.org/security/200 •