CVSS: 6.8EPSS: 1%CPEs: 21EXPL: 2CVE-2004-0520 – SquirrelMail 1.x - Email Header HTML Injection
https://notcve.org/view.php?id=CVE-2004-0520
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en mime.php de SquirrelMail anteriores a 1.4.3 permite a atacantes remotos insertar HTML y script de su elección mediante la cabecera de correo Content-Type, como se ha demostrado usando read_body.php. • https://www.exploit-db.com/exploits/24160 ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858 http://marc.info/?l=bugtraq&m=108611554415078&w=2 http://marc.info/?l=squirrelmail-cvs&m=108532891231712 http://rhn.redhat.com/errata/RHSA-2004-240.html http://secunia.com/advisories/11870 http://secunia.com/advisories/12289 http://www.debian.org/security/2004/dsa-535 http://www.gentoo&# •
CVSS: 10.0EPSS: 3%CPEs: 5EXPL: 0CVE-2004-0507
https://notcve.org/view.php?id=CVE-2004-0507
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code. Desbordamiento de búfer en el diseccionador de MSSE de Ethereal 1.10.1 a 0.10.3 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código de su elección. • ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 http://rhn.redhat.com/errata/RHSA-2004-234.html http://secunia.com/advisories/11608 http://secunia.com/advisories/11776 http://secunia.com/advisories/11836 http://security.gentoo.org/glsa/glsa-200406-01.xml http://securitytracker.com/id?1010158 http://www.ciac.o •
CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 0CVE-2004-0505
https://notcve.org/view.php?id=CVE-2004-0505
The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors. El diseccionador AIM en Ethereal 0.10.3 permite a atacantes remotos causar una denegación de servicio (fallo en aserción) mediante vectores de ataque desconocidos. • ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 http://secunia.com/advisories/11608 http://secunia.com/advisories/11776 http://secunia.com/advisories/11836 http://security.gentoo.org/glsa/glsa-200406-01.xml http://securitytracker.com/id?1010158 http://www.ciac.org/ciac/bulletins/o-150.shtml http://www.ethereal&# •
CVSS: 10.0EPSS: 26%CPEs: 31EXPL: 0CVE-2004-0523
https://notcve.org/view.php?id=CVE-2004-0523
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. Múltiples desbordamientos de búfer en krb5_aname_to_localname en MIT Kerberos 5 (krb5) 1.3.3 y anteriores permite a atacantes remtos ejecutar código de su elección como root • ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860 http://lwn.net/Articles/88206 http://marc.info/?l=bugtraq&m=108612325909496&w=2 http://marc.info/?l=bugtraq&m=108619161815320&w=2 http://marc.info/?l=bugtraq&m=108619250923790&w=2 http://sunsolve.sun.com/search/document.do? •
CVSS: 2.1EPSS: 0%CPEs: 28EXPL: 0CVE-2004-0231
https://notcve.org/view.php?id=CVE-2004-0231
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." Múltiples vulnerabilidades en Midnight Commander (mc) anteriores a 4.6.0, con impacto desconocido, relacionadas con "creación insegura de ficheros y directorios temporales." • http://security.gentoo.org/glsa/glsa-200405-21.xml http://www.debian.org/security/2004/dsa-497 http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 http://www.novell.com/linux/security/advisories/2004_12_mc.html http://www.redhat.com/support/errata/RHSA-2004-172.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16020 https://access.redhat.com/security/cve/CVE-2004-0231 https://bugzilla.redhat.com/show_bug.cgi?id=1617180 •