
CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Dec 2004 — dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. • http://bugs.gentoo.org/show_bug.cgi?id=69147

CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Dec 2004 — qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory. • http://bugs.gentoo.org/show_bug.cgi?id=68846

CVSS: 5.5 • EPSS: 0% • CPEs: 6 • EXPL: 0

01 Dec 2004 — The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file. • http://bugs.gentoo.org/show_bug.cgi?id=70310

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Dec 2004 — The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. • http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Dec 2004 — The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. • http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

01 Dec 2004 — The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. • http://www.gentoo.org/security/en/glsa/glsa-200411-26.xml

CVSS: 10.0 • EPSS: 12% • CPEs: 8 • EXPL: 0

24 Nov 2004 — Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames. • http://lwn.net/Articles/121827

CVSS: 9.8 • EPSS: 35% • CPEs: 157 • EXPL: 1

24 Nov 2004 — The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

24 Nov 2004 — fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message. • http://security.gentoo.org/glsa/glsa-200411-27.xml

CVSS: 7.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

24 Nov 2004 — fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ. • http://security.gentoo.org/glsa/glsa-200411-27.xml