Known Vulnerabilities for products from Midnight Commander
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Midnight Commander".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2005-0763 | Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code. | 4.6 - MEDIUM | 2005-05-02 | 2008-09-05 |
| CVE-2004-1176 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of servic... | 7.5 - HIGH | 2005-04-14 | 2017-07-11 |
| CVE-2004-1175 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly ... | 7.5 - HIGH | 2005-04-14 | 2017-07-19 |
| CVE-2004-1174 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-e... | 5 - MEDIUM | 2005-04-14 | 2017-07-11 |
| CVE-2004-1093 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed mem... | 5 - MEDIUM | 2005-04-14 | 2017-07-11 |
| CVE-2004-1092 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unalloc... | 5 - MEDIUM | 2005-04-14 | 2017-07-11 |
| CVE-2004-1091 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null derefere... | 5 - MEDIUM | 2005-04-14 | 2017-07-11 |
| CVE-2004-1090 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header... | 5 - MEDIUM | 2005-04-14 | 2017-07-11 |
| CVE-2004-1009 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown a... | 5 - MEDIUM | 2005-04-14 | 2017-07-11 |
| CVE-2004-1005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | 7.5 - HIGH | 2005-04-14 | 2017-07-11 |
| CVE-2004-1004 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknow... | 7.5 - HIGH | 2005-04-14 | 2017-07-11 |
| CVE-2004-0232 | Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of servi... | 5 - MEDIUM | 2004-08-18 | 2017-07-11 |
| CVE-2004-0231 | Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file an... | 2.1 - LOW | 2004-08-18 | 2017-07-11 |
| CVE-2004-0226 | Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute... | 10 - HIGH | 2004-08-18 | 2017-07-11 |
| CVE-2003-1023 | Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and pos... | 7.5 - HIGH | 2004-01-20 | 2017-10-11 |
| CVE-2001-1429 | Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) an... | 4.6 - MEDIUM | 2001-11-12 | 2017-07-11 |
| CVE-2000-1109 | Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory,... | 4.6 - MEDIUM | 2001-01-09 | 2017-10-10 |
| CVE-2000-1108 | cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, whic... | 4.6 - MEDIUM | 2001-01-09 | 2017-10-10 |
| CVE-1999-1337 | FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the worl... | 4.6 - MEDIUM | 1999-08-01 | 2016-10-18 |
| CVE-1999-0480 | Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack. | 2.1 - LOW | 1999-04-01 | 2022-08-17 |