CVSS: 10.0EPSS: 18%CPEs: 34EXPL: 0CVE-2004-0903
https://notcve.org/view.php?id=CVE-2004-0903
24 Sep 2004 — Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. • http://bugzilla.mozilla.org/show_bug.cgi?id=257314 •
CVSS: 8.1EPSS: 3%CPEs: 27EXPL: 0CVE-2004-0866
https://notcve.org/view.php?id=CVE-2004-0866
16 Sep 2004 — Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. • http://marc.info/?l=bugtraq&m=109536612321898&w=2 •
CVSS: 9.6EPSS: 5%CPEs: 62EXPL: 1CVE-2004-0905
https://notcve.org/view.php?id=CVE-2004-0905
14 Sep 2004 — Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. • http://bugzilla.mozilla.org/show_bug.cgi?id=250862 •
CVSS: 5.5EPSS: 0%CPEs: 77EXPL: 2CVE-2002-2185
https://notcve.org/view.php?id=CVE-2002-2185
31 Dec 2002 — The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. • ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-2259
https://notcve.org/view.php?id=CVE-2002-2259
31 Dec 2002 — Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. • http://www.securityfocus.com/bid/6329 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2002-0768
https://notcve.org/view.php?id=CVE-2002-0768
12 Aug 2002 — Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command. • http://www.iss.net/security_center/static/9130.php •
CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One
https://notcve.org/view.php?id=CVE-2002-0083
15 Mar 2002 — Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 • CWE-193: Off-by-one Error •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2002-0062
https://notcve.org/view.php?id=CVE-2002-0062
08 Mar 2002 — Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." El desbordamiento del búfer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en él, permite a usuarios locales la obtención de privilegios. • http://www.debian.org/security/2002/dsa-113 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 46EXPL: 2CVE-2002-0004 – AT 3.1.8 - Formatted Time Heap Overflow
https://notcve.org/view.php?id=CVE-2002-0004
27 Feb 2002 — Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. Corrupción de memoria en el comando "at" permite que usuarios locales ejecuten código arbitrario haciendo uso de un tiempo de ejecución mal escrito (lo que provoca que at libere la misma memoria dos veces). • https://www.exploit-db.com/exploits/21229 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2001-0872
https://notcve.org/view.php?id=CVE-2001-0872
21 Dec 2001 — OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. OpenSSH 3.0.1 y anteriores con UseLogin activado no limpia variables de entorno críticas como LD_PRELOAD, lo que permite a usuario locales ganar privilegios de root. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt •