Monthly Archive: January 2004

Unknown vulnerability in Safari web browser in Mac OS X 10.2.8 and 10.3.2, with unknown impact. Date published : 2004-01-29 http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://www.securityfocus.com/bid/9504

The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087. Date published : 2004-01-29 http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://www.securityfocus.com/bid/9504

The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify network settings, a different vulnerability than CVE-2004-0088. Date published : 2004-01-29 http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://www.securityfocus.com/bid/9504

Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2004-0085. Date published : 2004-01-29 http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://www.securityfocus.com/bid/9504

Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086. Date published : 2004-01-29 http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html http://www.securityfocus.com/bid/9504

Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges. Date published : 2004-01-29 http://www.securityfocus.com/bid/9520 http://www.debian.org/security/2004/dsa-430

Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer...

Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service...

Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection,...

Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured to use the "Name" column and sort using the column title as a hyperlink, allows remote attackers to cause a denial of...

Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation." Date...

The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different...

** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via...

Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949. Date published...