CVSS: 9.1EPSS: 0%CPEs: 123EXPL: 0CVE-2004-1072
https://notcve.org/view.php?id=CVE-2004-1072
01 Dec 2004 — The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. El cargador binfmt_elf (binfmt_elf.c) del kernel de Linux 2.4.x hasta 2.4.27, y 2.6.x a 2.6.8 puede crear una cadena de nombre de intérprete sin terminador nulo, lo q... • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 5.5EPSS: 0%CPEs: 123EXPL: 2CVE-2004-1074 – Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure
https://notcve.org/view.php?id=CVE-2004-1074
01 Dec 2004 — The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. La funcionalidad binfmt en el kernel de linux, cuando está establecido memory overcommit, permite a usuarios locales causar una denegación de servicio (kernel oops) mediante un binario a.out malformado. • https://www.exploit-db.com/exploits/24777 •
CVSS: 5.5EPSS: 0%CPEs: 123EXPL: 1CVE-2004-1073 – Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read
https://notcve.org/view.php?id=CVE-2004-1073
01 Dec 2004 — The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. La función open_exec en la funcionalidad execve (exec.c) en el kernel de Linux 2.4.x hasta 2.3.27, y 2.6.x hasta 2.6.8, permite a usuarios locales leer binarios ELF no legibles usando la funcionalidad de intérprete (PT_INTERP).. • https://www.exploit-db.com/exploits/624 •
CVSS: 7.8EPSS: 0%CPEs: 123EXPL: 0CVE-2004-1071
https://notcve.org/view.php?id=CVE-2004-1071
01 Dec 2004 — The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. El cargador binfmt_loader (binfmt_elf.c) del kernel de Linux 2.4.x a 2.4.27, y 2.6.x a 2.6.8 no maneja adecuadamente una llamada fallida a la función nmap, lo que produce una imagen incorrectamente mapeada y puede permitir a usuarios locales ejecutar código de su... • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 9.1EPSS: 14%CPEs: 124EXPL: 0CVE-2004-0883
https://notcve.org/view.php?id=CVE-2004-0883
01 Dec 2004 — Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header siz... • http://marc.info/?l=bugtraq&m=110072140811965&w=2 •
CVSS: 9.8EPSS: 7%CPEs: 74EXPL: 0CVE-2004-0803
https://notcve.org/view.php?id=CVE-2004-0803
26 Oct 2004 — Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Múltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de búfer, permite a atacantes remotos ejecutar código arbitrario mediante ficheros TIFF. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 7.5EPSS: 26%CPEs: 75EXPL: 1CVE-2004-0886
https://notcve.org/view.php?id=CVE-2004-0886
26 Oct 2004 — Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •
CVSS: 10.0EPSS: 3%CPEs: 8EXPL: 0CVE-2004-0929
https://notcve.org/view.php?id=CVE-2004-0929
26 Oct 2004 — Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image. • http://www.idefense.com/application/poi/display?id=154&type=vulnerabilities •
CVSS: 9.8EPSS: 3%CPEs: 86EXPL: 0CVE-2005-0373
https://notcve.org/view.php?id=CVE-2005-0373
07 Oct 2004 — Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. • http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml •
CVSS: 8.1EPSS: 1%CPEs: 27EXPL: 0CVE-2004-0867
https://notcve.org/view.php?id=CVE-2004-0867
24 Sep 2004 — Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. Mozilla Firefox 0.9.2 pemite a sitios web establecer cookies para dominios de nivel superior específicos de países, como .ltd.uk, .plc.uk, y .sch.uk, lo que podría permitir a atacantes remotos realizar ataques de fijac... • http://kuza55.blogspot.com/2008/02/understanding-cookie-security.html • CWE-264: Permissions, Privileges, and Access Controls •