CyberSecurityBoard
Sponsor Register Login

CVE-2004-0389

RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests.

Publication date: Tue, 01 Jun 2004 09:00:00 +0000


Cyber News related to CVE-2004-0389

CVE-2004-0389 - RealNetworks Helix Universal Server 9.0.1 and 9.0.2 allows remote attackers to cause a denial of service (crash) via malformed requests that trigger a null dereference, as demonstrated using (1) GET_PARAMETER or (2) DESCRIBE requests. ...
11 months ago
CVE-2004-1159 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1122, CVE-2004-1314. Reason: this was an out-of-band assignment duplicate intended for one issue, but the description and references inadvertently combined multiple issues. ...
55 years ago Tenable.com
CVE-2004-0868 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candidate is a duplicate of CVE-2004-0866. Notes: The description for CVE-2004-0866 was inadvertently attached to this issue instead. All CVE users should ...
55 years ago Tenable.com
CVE-2005-0389 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0814. Reason: This candidate is a duplicate of CVE-2005-0814. Notes: All CVE users should reference CVE-2005-0814 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2014-6592 - Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389. ...
8 years ago
CVE-2015-0389 - Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592. ...
8 years ago
CVE-2001-0389 - IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument. ...
16 years ago
CVE-2003-0389 - Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request ...
16 years ago
CVE-1999-0389 - Buffer overflow in the bootp server in the Debian Linux netstd package. ...
16 years ago
CVE-2010-0389 - The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method token. Per: ...
15 years ago
CVE-2014-0389 - Unspecified vulnerability in Oracle iLearning 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages. ...
8 years ago
CVE-2016-0389 - Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to obtain sensitive information via unspecified vectors. ...
8 years ago
CVE-2002-0389 - Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. ...
8 years ago
CVE-2017-0389 - A denial of service vulnerability in core networking could enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: ...
8 years ago
CVE-2006-0389 - Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds. ...
7 years ago
CVE-2008-0389 - Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.25, 6.1 through 6.1.0.14, and 5.1.1.x before 5.1.1.18 has unknown impact and attack vectors. ...
7 years ago
CVE-2011-0389 - Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allow remote attackers to cause a denial of service (process crash) via a crafted Real-Time Transport Control Protocol (RTCP) UDP packet, aka Bug ID ...
7 years ago
CVE-2012-0389 - Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the ...
7 years ago
CVE-2009-0389 - Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ...
7 years ago
CVE-2007-0389 - Directory traversal vulnerability in ArsDigita Community System (ACS) 3.4.10 and earlier, and ArsDigita Community Education Solution (ACES) 1.1, allows remote attackers to read arbitrary files via .%252e/ (double-encoded dot dot slash) sequences in ...
6 years ago
CVE-2018-0389 - A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial ...
5 years ago
CVE-2000-0389 - Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. ...
5 years ago
CVE-2019-0389 - An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not ...
4 years ago
CVE-2020-0389 - In createSaveNotification of RecordingService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for ...
3 years ago
CVE-2022-0389 - The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)