CVE-2004-0226

Published: Aug 18, 2004Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

Affected (28)

Products: Midnight Commander: Midnight Commander · Sgi: Propack · Gentoo: Linux · +1 more

Show all products

Midnight Commander: Midnight Commander · Sgi: Propack · Gentoo: Linux · Slackware: Slackware Linux

Midnight Commander

1 product

Midnight Commander

1 product

1 product

1 product

Slackware Linux

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Midnight Commander Midnight Commander	Version 4.5.40
Midnight Commander Midnight Commander	Version 4.5.41
Midnight Commander Midnight Commander	Version 4.5.42
Midnight Commander Midnight Commander	Version 4.5.43
Midnight Commander Midnight Commander	Version 4.5.44
Midnight Commander Midnight Commander	Version 4.5.45
Midnight Commander Midnight Commander	Version 4.5.46
Midnight Commander Midnight Commander	Version 4.5.47
Midnight Commander Midnight Commander	Version 4.5.48
Midnight Commander Midnight Commander	Version 4.5.49
Midnight Commander Midnight Commander	Version 4.5.50
Midnight Commander Midnight Commander	Version 4.5.51
Midnight Commander Midnight Commander	Version 4.5.52
Midnight Commander Midnight Commander	Version 4.5.55
Midnight Commander Midnight Commander	Version 4.6
Sgi Propack	Version 2.3
Sgi Propack	Version 2.4

Configuration B

11 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	Version 0.5
Gentoo Linux	Version 0.7
Gentoo Linux	Version 1.1a
Gentoo Linux	Version 1.2
Gentoo Linux	Version 1.4
Gentoo Linux	Version 1.4 rc1
Gentoo Linux	Version 1.4 rc2
Gentoo Linux	Version 1.4 rc3
Slackware Slackware Linux	All versions
Slackware Slackware Linux	Version 9.0
Slackware Slackware Linux	Version 9.1

References (12)

http://security.gentoo.org/glsa/glsa-200405-21.xml

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-497

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2004:039

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2004_12_mc.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-172.html

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16016

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200405-21.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2004/dsa-497

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDKSA-2004:039

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2004_12_mc.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-172.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/16016

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.