Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Propack
(Sgi)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 54 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-12-21 | CVE-2004-1307 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | Mac_os_x, Mac_os_x_server, Call_management_system_server, Cvlan, Integrated_management, Interactive_response, Intuity_audix_lx, Mn100, Modular_messaging_message_storage_server, Linux, Icontrol_service_manager, Linux, Libtiff, Mandrake_linux, Mandrake_linux_corporate_server, Unixware, Propack, Solaris, Sunos | N/A | ||
| 2005-01-21 | CVE-2004-1184 | The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. | Enscript, Fedora_core, Propack, Suse_linux | N/A | ||
| 2004-12-15 | CVE-2004-1145 | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | Alt_linux, Linux, Debian_linux, Ethereal, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Propack, Suse_linux | N/A | ||
| 2004-08-06 | CVE-2004-0639 | Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable. | Open_webmail, Propack, Squirrelmail | N/A | ||
| 2004-08-18 | CVE-2004-0521 | SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php. | Propack, Squirrelmail | N/A | ||
| 2004-08-18 | CVE-2004-0520 | Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. | Open_webmail, Propack, Squirrelmail | N/A | ||
| 2004-08-18 | CVE-2004-0519 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. | Propack, Squirrelmail | N/A | ||
| 2004-07-07 | CVE-2004-0424 | Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | Linux_kernel, Propack, Slackware_linux | N/A | ||
| 2004-08-06 | CVE-2004-0418 | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | Cvs, Linux, Openbsd, Openpkg, Propack | N/A | ||
| 2004-08-06 | CVE-2004-0417 | Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | Cvs, Linux, Openbsd, Openpkg, Propack | N/A |