CyberSec.Space Logo
CVEブラウザに戻る

CVE-2004-0524

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0250%
EPSS Percentile27.89th
Published2004年8月6日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=108222863917958&w=2
🔗 http://marc.info/?l=bugtraq&m=108311782032370&w=2
🔗 http://secunia.com/advisories/11415
🔗 http://www.securityfocus.com/bid/10166
🔗 http://www.squirrelmail.org/plugin_view.php?id=117
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/15889
🔗 http://marc.info/?l=bugtraq&m=108222863917958&w=2
🔗 http://marc.info/?l=bugtraq&m=108311782032370&w=2

関連する脆弱性情報

CVE-2004-129010.0

Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a...

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-106710.0

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may al...