Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hp\-Ux
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 293 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-01-14 | CVE-2004-1764 | Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. | Hp\-Ux | N/A | ||
| 2004-12-23 | CVE-2004-1375 | Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges. | Hp\-Ux | N/A | ||
| 2004-12-31 | CVE-2004-1332 | Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. | Hp\-Ux, Hp\-Ux_series_700, Hp\-Ux_series_800, Sis, Vvos | N/A | ||
| 2004-12-31 | CVE-2004-1328 | Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges. | Hp\-Ux | N/A | ||
| 2005-03-01 | CVE-2004-1029 | The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. | Linux, Linux, Hp\-Ux, Java_sdk\-Rte, Jdk, Jre, Enterprise_firewall, Gateway_security_5400 | N/A | ||
| 2005-02-09 | CVE-2004-0965 | stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. | Hp\-Ux | N/A | ||
| 2004-12-31 | CVE-2004-0952 | HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption. | Hp\-Ux | N/A | ||
| 2004-12-31 | CVE-2004-0826 | Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | Hp\-Ux, Network_security_services, Certificate_server, Directory_server, Enterprise_server, Personalization_engine, Java_enterprise_system, Java_system_application_server, One_application_server, One_web_server | N/A | ||
| 2004-08-06 | CVE-2004-0716 | Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data. | Hp\-Ux | N/A | ||
| 2003-12-31 | CVE-2003-1461 | Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473). | Hp\-Ux | N/A |