|
352501
|
- |
|
oracle
|
application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i
|
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-reada…
|
CWE-200
Information Exposure
|
CVE-2004-1367
|
2016-10-18 11:53 |
2004-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352502
|
- |
|
gnu
|
glibc
|
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
|
NVD-CWE-Other
|
CVE-2004-1382
|
2016-10-18 11:53 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352503
|
- |
|
hylafax
|
hylafax
|
hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostnam…
|
NVD-CWE-Other
|
CVE-2004-1182
|
2016-10-18 11:52 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352504
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2…
|
NVD-CWE-Other
|
CVE-2004-1229
|
2016-10-18 11:52 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352505
|
- |
|
atari800
debian
|
atari800
debian_linux
|
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
|
NVD-CWE-Other
|
CVE-2004-1076
|
2016-10-18 11:51 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352506
|
- |
|
rssh
gentoo
|
rssh
linux
|
rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) …
|
NVD-CWE-Other
|
CVE-2004-1161
|
2016-10-18 11:51 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352507
|
- |
|
ssmtp
|
ssmtp
|
The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file.
|
NVD-CWE-Other
|
CVE-2004-0423
|
2016-10-18 11:45 |
2004-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352508
|
- |
|
microsoft
|
ie
|
Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which trig…
|
NVD-CWE-Other
|
CVE-2004-0479
|
2016-10-18 11:45 |
2004-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352509
|
- |
|
yabb
|
yabb
|
Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter.
|
NVD-CWE-Other
|
CVE-2004-0344
|
2016-10-18 11:44 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352510
|
- |
|
lionmax_software
|
www_file_share_pro
|
Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter…
|
NVD-CWE-Other
|
CVE-2004-0059
|
2016-10-18 11:40 |
2004-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
