Sgi: >> Propack >> 2.4 Security Vulnerabilities
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-04-15
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-04-15
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
CVSS Score
5.0
EPSS Score
0.013
Published
2004-04-15
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
CVSS Score
7.2
EPSS Score
0.0
Published
2004-04-15
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
CVSS Score
7.5
EPSS Score
0.415
Published
2004-03-15
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.498
Published
2004-03-03
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.153
Published
2004-03-03
Page 3