2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-1934PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 allows remote attackers to execute arbitrary PHP c...
CVE-2004-0111gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
CVE-2004-0173Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, a...
CVE-2004-0148wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by c...
CVE-2004-0372xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the...
CVE-2004-0217HIGH7The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local u...
CVE-2004-0153Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by...
CVE-2004-0364The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows...
CVE-2004-0362Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, a...
CVE-2004-0224Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and S...
CVE-2004-0108The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on ...
CVE-2004-0107The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via sym...
CVE-2004-0363Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Nor...
CVE-2004-0121Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when ...
CVE-2004-0122Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arb...
CVE-2004-0151Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands.
CVE-2004-0152Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the deco...
CVE-2004-0150Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote att...
CVE-2004-1939Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbitrary web script or ...
CVE-2004-1944Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multip...
CVE-2004-1936ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachment...
CVE-2004-1756BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custo...
CVE-2004-1758BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database ...
CVE-2004-1929SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 allows remote attackers...
CVE-2004-1928The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possib...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now