CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2004-1091 – dsa-639.txt
https://notcve.org/view.php?id=CVE-2004-1091
16 Jan 2005 — Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos causar la Denegación de Servicio (DoS) provocando una referencia nula. Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debia... • http://secunia.com/advisories/13863 •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2004-1092 – dsa-639.txt
https://notcve.org/view.php?id=CVE-2004-1092
16 Jan 2005 — Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. • http://secunia.com/advisories/13863 •
CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2004-1093 – dsa-639.txt
https://notcve.org/view.php?id=CVE-2004-1093
16 Jan 2005 — Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. • http://secunia.com/advisories/13863 •
CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2004-1174 – dsa-639.txt
https://notcve.org/view.php?id=CVE-2004-1174
16 Jan 2005 — direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. • http://secunia.com/advisories/13863 •
CVSS: 9.8EPSS: 0%CPEs: 47EXPL: 0CVE-2004-1175 – dsa-639.txt
https://notcve.org/view.php?id=CVE-2004-1175
16 Jan 2005 — fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. • http://secunia.com/advisories/13863 •
CVSS: 9.8EPSS: 2%CPEs: 47EXPL: 0CVE-2004-1176 – dsa-639.txt
https://notcve.org/view.php?id=CVE-2004-1176
16 Jan 2005 — Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. • http://secunia.com/advisories/13863 •
CVSS: 9.8EPSS: 5%CPEs: 15EXPL: 0CVE-2004-0991
https://notcve.org/view.php?id=CVE-2004-0991
11 Jan 2005 — Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files. • http://secunia.com/advisories/13779 •
CVSS: 7.0EPSS: 0%CPEs: 147EXPL: 6CVE-2004-1235 – Linux Kernel 2.4.x/2.6.x - 'uselib()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1235
07 Jan 2005 — Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA. • https://packetstorm.news/files/id/35641 •
CVSS: 9.8EPSS: 2%CPEs: 17EXPL: 0CVE-2004-1476
https://notcve.org/view.php?id=CVE-2004-1476
31 Dec 2004 — Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. • http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml •
CVSS: 9.8EPSS: 25%CPEs: 35EXPL: 1CVE-2004-1491 – Opera Web Browser 7.54 - 'KDE KFMCLIENT' Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1491
31 Dec 2004 — Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. • https://www.exploit-db.com/exploits/24828 •