|
269551
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing…
|
NVD-CWE-Other
|
CVE-2004-1410
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269552
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images.
|
NVD-CWE-Other
|
CVE-2004-1414
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269553
|
- |
|
korweblog
|
korweblog
|
Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng…
|
NVD-CWE-Other
|
CVE-2004-1426
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269554
|
- |
|
asante
|
fm2008_managed_ethernet_switch
|
The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access.
|
NVD-CWE-Other
|
CVE-2004-1321
|
2016-10-18 11:53 |
2004-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269555
|
- |
|
oracle
|
application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i
|
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-reada…
|
CWE-200
Information Exposure
|
CVE-2004-1367
|
2016-10-18 11:53 |
2004-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269556
|
- |
|
gnu
|
glibc
|
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
|
NVD-CWE-Other
|
CVE-2004-1382
|
2016-10-18 11:53 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269557
|
- |
|
hylafax
|
hylafax
|
hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostnam…
|
NVD-CWE-Other
|
CVE-2004-1182
|
2016-10-18 11:52 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269558
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2…
|
NVD-CWE-Other
|
CVE-2004-1229
|
2016-10-18 11:52 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269559
|
- |
|
atari800
debian
|
atari800
debian_linux
|
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
|
NVD-CWE-Other
|
CVE-2004-1076
|
2016-10-18 11:51 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269560
|
- |
|
rssh
gentoo
|
rssh
linux
|
rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) …
|
NVD-CWE-Other
|
CVE-2004-1161
|
2016-10-18 11:51 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
