CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1053

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0230%
EPSS Percentile8.98th
PublishedMar 1, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Freebsd

Fetch

All versions

References & Advisories

πŸ”— ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:16.fetch.asc
πŸ”— http://www.securityfocus.com/bid/11702
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18160
πŸ”— ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:16.fetch.asc
πŸ”— http://www.securityfocus.com/bid/11702
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18160

Related Vulnerabilities

CVE-2004-101310.0

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arb...

CVE-2004-121110.0

Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (a...

CVE-2019-1302010.0

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse....

CVE-2006-026010.0

Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as...