Home Packages KEV Critical Insights Jobs Pricing

Loading…

Data from OSV.dev, CISA KEV, and FIRST EPSS.Sync status GitHub

CVE-2004-1004 — mc - several · VulnScope

CVE-2004-1004

mc - several

EPSS 0.95%

Description

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

How to fix CVE-2004-1004

To remediate CVE-2004-1004, upgrade the affected package to a fixed version below.

Debian/mc—upgrade to 1:4.6.0-4.6.1-pre3-1 or later
Debian/mc—upgrade to 4.5.55-1.2woody5 or later

Is CVE-2004-1004 being exploited?

Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 1:4.6.0-4.6.1-pre3-1
from 0, < 4.5.55-1.2woody5

References (1)

ADVISORYsecurity-tracker.debian.org/tracker/CVE-2004-1004

Metadata

Published: 4/14/2005
Modified: 3/9/2026

Also known as:

DSA-639-1dsa
DEBIAN-CVE-2004-1004debian