Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-3798 | 6.8 |
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
|
15-10-2024 - 15:35 | 16-07-2007 - 22:30 | |
CVE-2006-2842 | 7.5 |
PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array p
|
07-08-2024 - 18:15 | 06-06-2006 - 20:06 | |
CVE-2006-5051 | 9.3 |
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
|
29-07-2024 - 01:15 | 27-09-2006 - 23:07 | |
CVE-2007-1667 | 9.3 |
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf
|
26-06-2024 - 15:53 | 24-03-2007 - 21:19 | |
CVE-2009-3563 | 6.4 |
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchang
|
19-03-2024 - 21:15 | 09-12-2009 - 18:30 | |
CVE-2009-3720 | 5.0 |
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafte
|
22-02-2024 - 03:40 | 03-11-2009 - 16:30 | |
CVE-2009-0115 | 7.2 |
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket
|
16-02-2024 - 20:28 | 30-03-2009 - 16:30 | |
CVE-2005-2801 | 5.0 |
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
|
16-02-2024 - 16:53 | 06-09-2005 - 17:03 | |
CVE-2008-0411 | 6.8 |
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
|
16-02-2024 - 16:39 | 28-02-2008 - 21:44 | |
CVE-2006-4574 | 5.0 |
Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length valu
|
15-02-2024 - 21:20 | 28-10-2006 - 00:07 | |
CVE-2009-4017 | 5.0 |
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier f
|
15-02-2024 - 21:16 | 24-11-2009 - 00:30 | |
CVE-2009-3547 | 6.9 |
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathna
|
15-02-2024 - 21:12 | 04-11-2009 - 15:30 | |
CVE-2006-5158 | 3.3 |
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference
|
15-02-2024 - 20:23 | 05-10-2006 - 04:04 | |
CVE-2006-2275 | 5.0 |
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive
|
15-02-2024 - 20:22 | 09-05-2006 - 20:02 | |
CVE-2005-3106 | 1.2 |
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just per
|
15-02-2024 - 20:19 | 30-09-2005 - 10:05 | |
CVE-2007-1863 | 5.0 |
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with
|
15-02-2024 - 19:19 | 27-06-2007 - 17:30 | |
CVE-2009-3238 | 7.8 |
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via v
|
15-02-2024 - 03:30 | 18-09-2009 - 10:30 | |
CVE-2008-2108 | 7.5 |
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a
|
15-02-2024 - 03:29 | 07-05-2008 - 21:20 | |
CVE-2009-2408 | 6.8 |
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certif
|
14-02-2024 - 17:21 | 30-07-2009 - 19:30 | |
CVE-2005-2498 | 7.5 |
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certai
|
14-02-2024 - 15:47 | 15-08-2005 - 04:00 | |
CVE-2005-1921 | 7.5 |
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) Mail
|
14-02-2024 - 15:41 | 05-07-2005 - 04:00 | |
CVE-2006-4253 | 7.6 |
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by red
|
14-02-2024 - 01:17 | 21-08-2006 - 20:04 | |
CVE-2005-4585 | 7.8 |
Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
|
14-02-2024 - 01:17 | 29-12-2005 - 11:03 | |
CVE-2006-4020 | 4.6 |
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a bu
|
14-02-2024 - 01:17 | 08-08-2006 - 20:04 | |
CVE-2006-1934 | 5.0 |
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2006-1938 | 5.0 |
Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector.
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-1465 | 5.0 |
Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop).
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-0705 | 5.0 |
The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enabled. allows remote attackers to cause a denial of service (application crash).
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2006-1933 | 5.0 |
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or infinite loops) viarafted packets to the (1) UMA and (2) BER dissectors.
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-1468 | 5.0 |
Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown ve
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-3247 | 5.0 |
The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-3248 | 5.0 |
Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (divide-by-zero) via unknown vectors.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-2361 | 5.0 |
Unknown vulnerability in the (1) AgentX dissector, (2) PER dissector, (3) DOCSIS dissector, (4) SCTP graphs, (5) HTTP dissector, (6) DCERPC, (7) DHCP, (8) RADIUS dissector, (9) Telnet dissector, (10) IS-IS LSP dissector, or (11) NCP dissector in Ethe
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2004-1139 | 5.0 |
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
|
14-02-2024 - 01:17 | 15-12-2004 - 05:00 | |
CVE-2005-1467 | 5.0 |
Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-1459 | 5.0 |
Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-3651 | 7.5 |
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
|
14-02-2024 - 01:17 | 10-12-2005 - 11:03 | |
CVE-2006-1936 | 5.0 |
Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector.
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-1462 | 7.5 |
Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-0084 | 7.5 |
Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet.
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2005-1458 | 5.0 |
Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-0699 | 7.5 |
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length val
|
14-02-2024 - 01:17 | 08-03-2005 - 05:00 | |
CVE-2006-1932 | 10.0 |
Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-3246 | 5.0 |
Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI, (2) sFlow, or (3) RTnet dissectors.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-2364 | 5.0 |
Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) CAMEL dissector in Ethereal 0.8.20 through 0.10.11 allows remote attackers to cause a denial of service (application crash) via certain packets that cause a null pointer dereference.
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2004-1142 | 5.0 |
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
|
14-02-2024 - 01:17 | 15-12-2004 - 05:00 | |
CVE-2005-1466 | 5.0 |
Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2006-1935 | 5.0 |
Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector.
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-2362 | 5.0 |
Unknown vulnerability several dissectors in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a denial of service (application crash) by reassembling certain packets.
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2005-3245 | 5.0 |
Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption).
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-3313 | 5.0 |
The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).
|
14-02-2024 - 01:17 | 01-11-2005 - 12:47 | |
CVE-2005-3244 | 5.0 |
The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-1461 | 7.5 |
Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Pr
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-2360 | 5.0 |
Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through 0.10.11 allows remote attackers to cause a denial of service (free static memory and application crash) via unknown attack vectors.
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2005-0009 | 5.0 |
Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash).
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2006-1940 | 5.0 |
Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP dissector.
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-2367 | 7.5 |
Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2006-1939 | 5.0 |
Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6)
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-1456 | 5.0 |
Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort).
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-3249 | 6.4 |
Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-1464 | 5.0 |
Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop).
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-3243 | 7.5 |
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-3184 | 10.0 |
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
|
14-02-2024 - 01:17 | 20-10-2005 - 23:02 | |
CVE-2005-3241 | 5.0 |
Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-2491 | 7.5 |
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, whic
|
14-02-2024 - 01:17 | 23-08-2005 - 04:00 | |
CVE-2005-0008 | 5.0 |
Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption."
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2006-1937 | 5.0 |
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) ge
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
CVE-2005-1469 | 5.0 |
Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-1457 | 5.0 |
Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash).
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2004-1141 | 5.0 |
The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory.
|
14-02-2024 - 01:17 | 31-12-2004 - 05:00 | |
CVE-2005-0765 | 5.0 |
Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).
|
14-02-2024 - 01:17 | 12-03-2005 - 05:00 | |
CVE-2005-2365 | 5.0 |
Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors.
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2005-0010 | 5.0 |
Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory.
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2005-2363 | 5.0 |
Unknown vulnerability in the (1) SMPP dissector, (2) 802.3 dissector, (3) DHCP, (4) MEGACO dissector, or (5) H1 dissector in Ethereal 0.8.15 through 0.10.11 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vecto
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2005-0704 | 7.5 |
Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2004-1140 | 5.0 |
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp.
|
14-02-2024 - 01:17 | 31-12-2004 - 05:00 | |
CVE-2005-0766 | 5.0 |
Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attackers to cause a denial of service (application crash).
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2005-3242 | 5.0 |
Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled.
|
14-02-2024 - 01:17 | 27-10-2005 - 10:02 | |
CVE-2005-0006 | 5.0 |
The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2005-2366 | 5.0 |
Unknown vulnerability in the BER dissector in Ethereal 0.10.11 allows remote attackers to cause a denial of service (abort or infinite loop) via unknown attack vectors.
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
CVE-2005-0739 | 5.0 |
The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly han
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2005-0007 | 5.0 |
Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion).
|
14-02-2024 - 01:17 | 02-05-2005 - 04:00 | |
CVE-2005-1470 | 5.0 |
Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-1460 | 5.0 |
Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2005-1463 | 7.5 |
Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
|
14-02-2024 - 01:17 | 05-05-2005 - 04:00 | |
CVE-2008-2374 | 7.5 |
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspeci
|
13-02-2024 - 16:09 | 07-07-2008 - 23:41 | |
CVE-2006-4997 | 7.1 |
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (f
|
10-02-2024 - 02:45 | 10-10-2006 - 04:06 | |
CVE-2009-0040 | 6.8 |
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr
|
09-02-2024 - 03:25 | 22-02-2009 - 22:30 | |
CVE-2007-2442 | 10.0 |
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cl
|
09-02-2024 - 03:23 | 26-06-2007 - 22:30 | |
CVE-2009-0846 | 10.0 |
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code
|
09-02-2024 - 03:21 | 09-04-2009 - 00:30 | |
CVE-2006-1058 | 2.1 |
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
|
09-02-2024 - 03:05 | 04-04-2006 - 10:04 | |
CVE-2005-2088 | 4.3 |
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfe
|
09-02-2024 - 02:40 | 05-07-2005 - 04:00 | |
CVE-2005-2456 | 2.1 |
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OU
|
09-02-2024 - 00:44 | 04-08-2005 - 04:00 | |
CVE-2008-0062 | 9.3 |
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer derefe
|
09-02-2024 - 00:42 | 19-03-2008 - 10:44 | |
CVE-2008-0063 | 4.3 |
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
|
09-02-2024 - 00:35 | 19-03-2008 - 10:44 | |
CVE-2009-3620 | 4.9 |
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash
|
09-02-2024 - 00:20 | 22-10-2009 - 16:00 | |
CVE-2009-0949 | 5.0 |
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler re
|
09-02-2024 - 00:17 | 09-06-2009 - 17:30 | |
CVE-2009-2692 | 7.2 |
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using
|
08-02-2024 - 23:50 | 14-08-2009 - 15:16 | |
CVE-2005-0102 | 7.2 |
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
|
08-02-2024 - 18:39 | 24-01-2005 - 05:00 | |
CVE-2005-0246 | 5.0 |
The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays.
|
05-02-2024 - 19:56 | 02-05-2005 - 04:00 | |
CVE-2008-5021 | 9.3 |
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying pr
|
02-02-2024 - 17:07 | 13-11-2008 - 11:30 | |
CVE-2010-1437 | 4.4 |
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact v
|
02-02-2024 - 16:38 | 07-05-2010 - 18:30 | |
CVE-2009-0023 | 4.3 |
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2)
|
02-02-2024 - 16:32 | 08-06-2009 - 01:00 | |
CVE-2007-6388 | 4.3 |
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or H
|
02-02-2024 - 16:16 | 08-01-2008 - 18:46 | |
CVE-2009-2416 | 4.3 |
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute
|
02-02-2024 - 16:04 | 11-08-2009 - 18:30 | |
CVE-2009-1837 | 9.3 |
Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading,
|
02-02-2024 - 16:03 | 12-06-2009 - 21:30 | |
CVE-2005-1689 | 7.5 |
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
|
02-02-2024 - 15:24 | 18-07-2005 - 04:00 | |
CVE-2005-0891 | 5.0 |
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
|
02-02-2024 - 15:22 | 02-05-2005 - 04:00 | |
CVE-2005-3119 | 2.1 |
Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys.
|
02-02-2024 - 15:13 | 12-10-2005 - 13:03 | |
CVE-2008-3281 | 4.3 |
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
|
02-02-2024 - 15:02 | 27-08-2008 - 20:41 | |
CVE-2005-2103 | 7.5 |
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %
|
02-02-2024 - 15:02 | 16-08-2005 - 04:00 | |
CVE-2009-1955 | 5.0 |
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via
|
02-02-2024 - 14:11 | 08-06-2009 - 01:00 | |
CVE-2007-1285 | 5.0 |
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
|
02-02-2024 - 14:03 | 06-03-2007 - 20:19 | |
CVE-2005-3120 | 7.5 |
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
|
02-02-2024 - 14:00 | 17-10-2005 - 20:06 | |
CVE-2005-0490 | 5.1 |
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not
|
02-02-2024 - 03:05 | 02-05-2005 - 04:00 | |
CVE-2007-4988 | 6.8 |
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overfl
|
02-02-2024 - 02:45 | 24-09-2007 - 22:17 | |
CVE-2005-3623 | 5.0 |
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
|
02-02-2024 - 02:19 | 31-12-2005 - 05:00 | |
CVE-2005-3181 | 2.1 |
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a m
|
26-01-2024 - 18:56 | 12-10-2005 - 13:04 | |
CVE-2010-0013 | 5.0 |
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) requ
|
26-01-2024 - 17:47 | 09-01-2010 - 18:30 | |
CVE-2001-1494 | 2.1 |
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
|
26-01-2024 - 17:16 | 31-12-2001 - 05:00 | |
CVE-2005-1111 | 3.7 |
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
|
26-01-2024 - 17:07 | 02-05-2005 - 04:00 | |
CVE-2009-3939 | 6.6 |
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
|
25-01-2024 - 21:37 | 16-11-2009 - 19:30 | |
CVE-2005-1920 | 5.0 |
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive info
|
25-01-2024 - 21:11 | 26-07-2005 - 04:00 | |
CVE-2005-3274 | 1.2 |
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection tab
|
21-01-2024 - 01:26 | 21-10-2005 - 01:02 | |
CVE-2007-4465 | 4.3 |
Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using t
|
19-01-2024 - 15:13 | 14-09-2007 - 00:17 | |
CVE-2008-2939 | 4.3 |
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary we
|
19-01-2024 - 15:13 | 06-08-2008 - 18:41 | |
CVE-2005-3352 | 4.3 |
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
|
19-01-2024 - 15:12 | 13-12-2005 - 20:03 | |
CVE-2004-0079 | 5.0 |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
|
28-12-2023 - 15:33 | 23-11-2004 - 05:00 | |
CVE-2009-2698 | 7.2 |
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vecto
|
28-12-2023 - 15:22 | 27-08-2009 - 17:30 | |
CVE-2004-1287 | 10.0 |
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.
|
22-12-2023 - 17:15 | 10-01-2005 - 05:00 | |
CVE-2009-3560 | 5.0 |
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that
|
01-11-2023 - 17:16 | 04-12-2009 - 21:30 | |
CVE-2005-0227 | 4.3 |
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.
|
18-10-2023 - 20:54 | 02-05-2005 - 04:00 | |
CVE-2005-2975 | 7.8 |
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
|
11-08-2023 - 20:12 | 18-11-2005 - 06:03 | |
CVE-2005-2976 | 7.5 |
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-200
|
03-08-2023 - 17:19 | 18-11-2005 - 06:03 | |
CVE-2005-0372 | 5.0 |
Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.
|
03-08-2023 - 17:17 | 02-05-2005 - 04:00 | |
CVE-2007-4965 | 5.8 |
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) t
|
02-08-2023 - 18:52 | 18-09-2007 - 22:17 | |
CVE-2008-3144 | 5.0 |
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to stri
|
02-08-2023 - 18:52 | 01-08-2008 - 14:41 | |
CVE-2008-1679 | 6.8 |
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue i
|
02-08-2023 - 18:52 | 22-04-2008 - 04:41 | |
CVE-2008-3143 | 7.5 |
Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c
|
02-08-2023 - 18:50 | 01-08-2008 - 14:41 | |
CVE-2006-4980 | 7.5 |
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
|
02-08-2023 - 18:04 | 10-10-2006 - 04:06 | |
CVE-2007-2052 | 5.0 |
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown m
|
02-08-2023 - 18:04 | 16-04-2007 - 22:19 | |
CVE-2005-0089 | 7.5 |
The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of
|
02-08-2023 - 18:04 | 02-05-2005 - 04:00 | |
CVE-2008-2315 | 7.5 |
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7)
|
02-08-2023 - 17:14 | 01-08-2008 - 14:41 | |
CVE-2008-1145 | 5.0 |
Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access a
|
01-08-2023 - 18:58 | 04-03-2008 - 23:44 | |
CVE-2008-2383 | 9.3 |
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related
|
27-07-2023 - 05:15 | 02-01-2009 - 18:11 | |
CVE-2007-5000 | 4.3 |
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inje
|
07-03-2023 - 18:11 | 13-12-2007 - 18:46 | |
CVE-2009-1956 | 6.4 |
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
|
03-03-2023 - 18:45 | 08-06-2009 - 01:00 | |
CVE-2010-0442 | 6.5 |
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in th
|
24-02-2023 - 18:45 | 02-02-2010 - 18:30 | |
CVE-2007-3278 | 6.9 |
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host param
|
24-02-2023 - 15:35 | 19-06-2007 - 21:30 | |
CVE-2010-2063 | 7.5 |
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arb
|
13-02-2023 - 04:19 | 17-06-2010 - 16:30 | |
CVE-2010-1440 | 6.8 |
Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related
|
13-02-2023 - 04:17 | 07-05-2010 - 18:24 | |
CVE-2010-1173 | 7.1 |
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invali
|
13-02-2023 - 04:17 | 07-05-2010 - 18:30 | |
CVE-2010-0739 | 6.8 |
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of
|
13-02-2023 - 04:16 | 16-04-2010 - 18:30 | |
CVE-2010-0733 | 3.5 |
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related
|
13-02-2023 - 04:16 | 19-03-2010 - 19:30 | |
CVE-2010-0411 | 4.9 |
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large
|
13-02-2023 - 04:16 | 08-02-2010 - 20:30 | |
CVE-2010-0434 | 4.3 |
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, wh
|
13-02-2023 - 04:16 | 05-03-2010 - 19:30 | |
CVE-2010-0307 | 4.7 |
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of
|
13-02-2023 - 04:15 | 17-02-2010 - 18:30 | |
CVE-2009-3546 | 9.3 |
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-
|
13-02-2023 - 02:20 | 19-10-2009 - 20:00 | |
CVE-2009-3608 | 9.3 |
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a craf
|
13-02-2023 - 02:20 | 21-10-2009 - 17:30 | |
CVE-2009-2409 | 5.1 |
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificat
|
13-02-2023 - 02:20 | 30-07-2009 - 19:30 | |
CVE-2009-2906 | 4.0 |
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.
|
13-02-2023 - 02:20 | 07-10-2009 - 18:30 | |
CVE-2009-3621 | 4.9 |
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing
|
13-02-2023 - 02:20 | 22-10-2009 - 16:00 | |
CVE-2009-3889 | 6.6 |
The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file.
|
13-02-2023 - 02:20 | 16-11-2009 - 19:30 | |
CVE-2009-3609 | 4.3 |
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via
|
13-02-2023 - 02:20 | 21-10-2009 - 17:30 | |
CVE-2009-3555 | 5.8 |
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
|
13-02-2023 - 02:20 | 09-11-2009 - 17:30 | |
CVE-2009-4030 | 4.4 |
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks
|
13-02-2023 - 02:20 | 30-11-2009 - 17:30 | |
CVE-2009-3726 | 7.8 |
The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect
|
13-02-2023 - 02:20 | 09-11-2009 - 19:30 | |
CVE-2009-1895 | 7.2 |
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to l
|
13-02-2023 - 02:20 | 16-07-2009 - 15:30 | |
CVE-2009-4020 | 7.8 |
Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.
|
13-02-2023 - 02:20 | 04-12-2009 - 21:30 | |
CVE-2009-2910 | 2.1 |
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 p
|
13-02-2023 - 02:20 | 20-10-2009 - 17:30 | |
CVE-2009-3080 | 7.2 |
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
|
13-02-2023 - 02:20 | 20-11-2009 - 17:30 | |
CVE-2009-3606 | 9.3 |
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overf
|
13-02-2023 - 02:20 | 21-10-2009 - 17:30 | |
CVE-2009-3550 | 4.3 |
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of t
|
13-02-2023 - 02:20 | 30-10-2009 - 20:30 | |
CVE-2009-1891 | 7.1 |
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
|
13-02-2023 - 02:20 | 10-07-2009 - 15:30 | |
CVE-2009-1376 | 9.3 |
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remo
|
13-02-2023 - 02:20 | 26-05-2009 - 15:30 | |
CVE-2009-1308 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in
|
13-02-2023 - 02:20 | 22-04-2009 - 18:30 | |
CVE-2009-1385 | 7.8 |
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote a
|
13-02-2023 - 02:20 | 04-06-2009 - 16:30 | |
CVE-2010-0001 | 6.8 |
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra
|
13-02-2023 - 02:20 | 29-01-2010 - 18:30 | |
CVE-2010-0008 | 7.8 |
The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length.
|
13-02-2023 - 02:20 | 19-03-2010 - 19:30 | |
CVE-2009-1389 | 7.8 |
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
|
13-02-2023 - 02:20 | 16-06-2009 - 23:30 | |
CVE-2010-0007 | 2.1 |
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access r
|
13-02-2023 - 02:20 | 19-01-2010 - 16:30 | |
CVE-2010-0003 | 5.4 |
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and t
|
13-02-2023 - 02:20 | 26-01-2010 - 18:30 | |
CVE-2008-5016 | 5.0 |
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other conse
|
13-02-2023 - 02:19 | 13-11-2008 - 11:30 | |
CVE-2008-5513 | 4.3 |
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cr
|
13-02-2023 - 02:19 | 17-12-2008 - 23:30 | |
CVE-2008-5504 | 7.5 |
Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.
|
13-02-2023 - 02:19 | 17-12-2008 - 23:30 | |
CVE-2008-5511 | 4.3 |
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to a
|
13-02-2023 - 02:19 | 17-12-2008 - 23:30 | |
CVE-2008-4307 | 4.0 |
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improp
|
13-02-2023 - 02:19 | 13-01-2009 - 17:00 | |
CVE-2008-4309 | 5.0 |
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK req
|
13-02-2023 - 02:19 | 31-10-2008 - 20:29 | |
CVE-2008-5012 | 5.0 |
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin
|
13-02-2023 - 02:19 | 13-11-2008 - 11:30 | |
CVE-2008-5019 | 4.3 |
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges vi
|
13-02-2023 - 02:19 | 13-11-2008 - 11:30 | |
CVE-2008-4310 | 7.8 |
httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for
|
13-02-2023 - 02:19 | 09-12-2008 - 00:30 | |
CVE-2008-3932 | 5.0 |
Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.
|
13-02-2023 - 02:19 | 04-09-2008 - 19:41 | |
CVE-2008-2936 | 6.2 |
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creatin
|
13-02-2023 - 02:19 | 18-08-2008 - 19:41 | |
CVE-2008-3528 | 2.1 |
The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically prox
|
13-02-2023 - 02:19 | 27-09-2008 - 10:30 | |
CVE-2008-2365 | 4.7 |
Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another
|
13-02-2023 - 02:19 | 30-06-2008 - 21:41 | |
CVE-2008-3651 | 4.0 |
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.
|
13-02-2023 - 02:19 | 13-08-2008 - 01:41 | |
CVE-2008-2927 | 6.8 |
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to
|
13-02-2023 - 02:19 | 07-07-2008 - 23:41 | |
CVE-2008-3275 | 4.9 |
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denia
|
13-02-2023 - 02:19 | 12-08-2008 - 23:41 | |
CVE-2008-3272 | 2.1 |
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain da
|
13-02-2023 - 02:19 | 08-08-2008 - 18:41 | |
CVE-2008-3432 | 6.8 |
Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
|
13-02-2023 - 02:19 | 10-10-2008 - 10:30 | |
CVE-2008-3529 | 10.0 |
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
|
13-02-2023 - 02:19 | 12-09-2008 - 16:56 | |
CVE-2008-3652 | 7.8 |
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
|
13-02-2023 - 02:19 | 13-08-2008 - 01:41 | |
CVE-2008-2376 | 7.5 |
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (
|
13-02-2023 - 02:19 | 09-07-2008 - 00:41 | |
CVE-2008-1951 | 4.6 |
Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows l
|
13-02-2023 - 02:19 | 25-06-2008 - 12:36 | |
CVE-2008-1926 | 7.5 |
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the lo
|
13-02-2023 - 02:19 | 24-04-2008 - 05:05 | |
CVE-2008-2364 | 5.0 |
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service
|
13-02-2023 - 02:19 | 13-06-2008 - 18:41 | |
CVE-2008-2375 | 7.1 |
Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication at
|
13-02-2023 - 02:19 | 09-07-2008 - 00:41 | |
CVE-2008-2812 | 7.2 |
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) ha
|
13-02-2023 - 02:19 | 09-07-2008 - 00:41 | |
CVE-2009-1179 | 6.8 |
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
|
13-02-2023 - 02:19 | 23-04-2009 - 17:30 | |
CVE-2009-0030 | 6.5 |
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the stand
|
13-02-2023 - 02:19 | 21-01-2009 - 20:30 | |
CVE-2009-0771 | 10.0 |
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption a
|
13-02-2023 - 02:19 | 05-03-2009 - 02:30 | |
CVE-2009-0791 | 6.8 |
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute a
|
13-02-2023 - 02:19 | 09-06-2009 - 17:30 | |
CVE-2009-0031 | 4.9 |
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
|
13-02-2023 - 02:19 | 21-01-2009 - 02:30 | |
CVE-2009-0587 | 7.5 |
Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vca
|
13-02-2023 - 02:19 | 14-03-2009 - 18:30 | |
CVE-2009-0585 | 7.5 |
Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.
|
13-02-2023 - 02:19 | 14-03-2009 - 18:30 | |
CVE-2009-1188 | 5.0 |
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code
|
13-02-2023 - 02:19 | 23-04-2009 - 19:30 | |
CVE-2009-0356 | 5.1 |
Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome
|
13-02-2023 - 02:19 | 04-02-2009 - 19:30 | |
CVE-2009-1181 | 4.3 |
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
|
13-02-2023 - 02:19 | 23-04-2009 - 17:30 | |
CVE-2009-0800 | 6.8 |
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
|
13-02-2023 - 02:19 | 23-04-2009 - 17:30 | |
CVE-2007-5497 | 5.8 |
Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
|
13-02-2023 - 02:18 | 07-12-2007 - 11:46 | |
CVE-2007-5339 | 4.3 |
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
|
13-02-2023 - 02:18 | 21-10-2007 - 19:17 | |
CVE-2007-5707 | 7.1 |
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
|
13-02-2023 - 02:18 | 30-10-2007 - 19:46 | |
CVE-2007-4997 | 7.1 |
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IE
|
13-02-2023 - 02:18 | 06-11-2007 - 19:46 | |
CVE-2007-6284 | 5.0 |
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
|
13-02-2023 - 02:18 | 12-01-2008 - 02:46 | |
CVE-2007-5340 | 4.3 |
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
|
13-02-2023 - 02:18 | 21-10-2007 - 19:17 | |
CVE-2007-5500 | 4.9 |
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are
|
13-02-2023 - 02:18 | 20-11-2007 - 02:46 | |
CVE-2007-6439 | 6.1 |
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Fir
|
13-02-2023 - 02:18 | 19-12-2007 - 22:46 | |
CVE-2007-5960 | 4.3 |
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer
|
13-02-2023 - 02:18 | 26-11-2007 - 23:46 | |
CVE-2007-6438 | 5.0 |
Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already cover
|
13-02-2023 - 02:18 | 19-12-2007 - 22:46 | |
CVE-2007-5093 | 4.0 |
The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consump
|
13-02-2023 - 02:18 | 26-09-2007 - 21:17 | |
CVE-2007-4568 | 6.8 |
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers
|
13-02-2023 - 02:18 | 05-10-2007 - 21:17 | |
CVE-2007-4571 | 2.1 |
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memor
|
13-02-2023 - 02:18 | 26-09-2007 - 10:17 | |
CVE-2008-1612 | 4.3 |
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an in
|
13-02-2023 - 02:18 | 01-04-2008 - 17:44 | |
CVE-2007-3741 | 4.3 |
The (1) psp (aka .tub), (2) bmp, (3) pcx, and (4) psd plugins in gimp allow user-assisted remote attackers to cause a denial of service (crash or memory consumption) via crafted image files, as discovered using the fusil fuzzing tool.
|
13-02-2023 - 02:18 | 27-08-2007 - 17:17 | |
CVE-2007-4137 | 7.5 |
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error
|
13-02-2023 - 02:18 | 18-09-2007 - 19:17 | |
CVE-2007-3847 | 5.0 |
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffe
|
13-02-2023 - 02:18 | 23-08-2007 - 22:17 | |
CVE-2008-1238 | 5.0 |
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypa
|
13-02-2023 - 02:18 | 27-03-2008 - 10:44 | |
CVE-2008-0001 | 3.6 |
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
|
13-02-2023 - 02:18 | 15-01-2008 - 20:00 | |
CVE-2008-1380 | 9.3 |
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page.
|
13-02-2023 - 02:18 | 17-04-2008 - 19:05 | |
CVE-2008-1374 | 6.8 |
Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888
|
13-02-2023 - 02:18 | 04-04-2008 - 00:44 | |
CVE-2008-0596 | 5.0 |
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers.
|
13-02-2023 - 02:18 | 26-02-2008 - 00:44 | |
CVE-2006-7228 | 6.8 |
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an in
|
13-02-2023 - 02:17 | 14-11-2007 - 21:46 | |
CVE-2006-7227 | 6.8 |
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern name
|
13-02-2023 - 02:17 | 14-11-2007 - 21:46 | |
CVE-2007-2872 | 6.8 |
Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
|
13-02-2023 - 02:17 | 04-06-2007 - 17:30 | |
CVE-2007-2754 | 6.8 |
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overf
|
13-02-2023 - 02:17 | 17-05-2007 - 22:30 | |
CVE-2007-3106 | 6.8 |
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap
|
13-02-2023 - 02:17 | 26-07-2007 - 21:30 | |
CVE-2007-3387 | 6.8 |
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute
|
13-02-2023 - 02:17 | 30-07-2007 - 23:17 | |
CVE-2007-3105 | 4.6 |
Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater
|
13-02-2023 - 02:17 | 27-07-2007 - 21:30 | |
CVE-2006-5753 | 7.2 |
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
|
13-02-2023 - 02:16 | 30-01-2007 - 19:28 | |
CVE-2005-4872 | 4.3 |
Perl-Compatible Regular Expression (PCRE) library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service (crash) via a regular expression with a large number
|
13-02-2023 - 02:16 | 31-12-2005 - 05:00 | |
CVE-2006-4340 | 4.0 |
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature
|
13-02-2023 - 02:16 | 15-09-2006 - 18:07 | |
CVE-2006-2936 | 7.8 |
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, wh
|
13-02-2023 - 02:16 | 10-07-2006 - 19:05 | |
CVE-2006-2444 | 7.8 |
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees o
|
13-02-2023 - 02:16 | 25-05-2006 - 10:02 | |
CVE-2006-3467 | 7.5 |
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
|
13-02-2023 - 02:16 | 21-07-2006 - 14:03 | |
CVE-2006-2448 | 5.6 |
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and
|
13-02-2023 - 02:16 | 23-06-2006 - 10:02 | |
CVE-2006-3741 | 4.9 |
The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file de
|
13-02-2023 - 02:16 | 10-10-2006 - 04:05 | |
CVE-2006-2934 | 5.0 |
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to conta
|
13-02-2023 - 02:16 | 30-06-2006 - 21:05 | |
CVE-2006-4813 | 2.1 |
The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.
|
13-02-2023 - 02:16 | 12-10-2006 - 20:07 | |
CVE-2006-1522 | 4.9 |
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, whi
|
13-02-2023 - 02:16 | 10-04-2006 - 20:02 | |
CVE-2006-0039 | 4.7 |
Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent wit
|
13-02-2023 - 02:16 | 19-05-2006 - 22:02 | |
CVE-2006-1490 | 5.0 |
PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safet
|
13-02-2023 - 02:16 | 29-03-2006 - 21:06 | |
CVE-2006-1861 | 7.5 |
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_
|
13-02-2023 - 02:16 | 23-05-2006 - 10:06 | |
CVE-2006-0903 | 4.6 |
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query fu
|
13-02-2023 - 02:16 | 27-02-2006 - 23:02 | |
CVE-2006-1863 | 2.1 |
Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1864.
|
13-02-2023 - 02:16 | 25-04-2006 - 22:02 | |
CVE-2006-0456 | 2.1 |
The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.
|
13-02-2023 - 02:16 | 27-06-2006 - 23:05 | |
CVE-2006-0038 | 6.9 |
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.
|
13-02-2023 - 02:16 | 22-03-2006 - 20:06 | |
CVE-2006-1528 | 4.9 |
Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.
|
13-02-2023 - 02:16 | 18-05-2006 - 19:06 | |
CVE-2006-0455 | 4.6 |
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature
|
13-02-2023 - 02:16 | 15-02-2006 - 22:06 | |
CVE-2005-4605 | 2.1 |
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
|
13-02-2023 - 02:15 | 31-12-2005 - 05:00 | |
CVE-2005-4744 | 6.4 |
Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the ex
|
13-02-2023 - 02:15 | 31-12-2005 - 05:00 | |
CVE-2005-3356 | 2.1 |
The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause
|
13-02-2023 - 02:15 | 31-12-2005 - 05:00 | |
CVE-2005-3053 | 2.1 |
The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument.
|
13-02-2023 - 02:15 | 26-09-2005 - 19:03 | |
CVE-2005-3357 | 5.4 |
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers
|
13-02-2023 - 02:15 | 31-12-2005 - 05:00 | |
CVE-2005-3358 | 4.9 |
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
|
13-02-2023 - 02:15 | 14-12-2005 - 19:03 | |
CVE-2005-3359 | 4.9 |
The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.
|
13-02-2023 - 02:15 | 31-12-2005 - 05:00 | |
CVE-2005-2974 | 2.6 |
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
|
13-02-2023 - 02:15 | 04-11-2005 - 00:02 | |
CVE-2005-2973 | 2.1 |
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
|
13-02-2023 - 02:15 | 27-10-2005 - 18:02 | |
CVE-2009-3604 | 9.3 |
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) o
|
13-02-2023 - 01:17 | 21-10-2009 - 17:30 | |
CVE-2009-3612 | 2.1 |
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensit
|
13-02-2023 - 01:17 | 19-10-2009 - 20:00 | |
CVE-2009-3613 | 7.8 |
The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of netwo
|
13-02-2023 - 01:17 | 19-10-2009 - 20:00 | |
CVE-2009-2412 | 10.0 |
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code
|
13-02-2023 - 01:17 | 06-08-2009 - 15:30 | |
CVE-2009-2414 | 4.3 |
Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related
|
13-02-2023 - 01:17 | 11-08-2009 - 18:30 | |
CVE-2009-0354 | 2.6 |
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors
|
13-02-2023 - 01:17 | 04-02-2009 - 19:30 | |
CVE-2009-1192 | 4.9 |
The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows
|
13-02-2023 - 01:17 | 24-04-2009 - 15:30 | |
CVE-2009-1194 | 6.8 |
Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string th
|
13-02-2023 - 01:17 | 11-05-2009 - 15:30 | |
CVE-2009-1373 | 7.1 |
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained fro
|
13-02-2023 - 01:17 | 26-05-2009 - 15:30 | |
CVE-2009-1313 | 9.3 |
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this v
|
13-02-2023 - 01:17 | 30-04-2009 - 21:30 | |
CVE-2009-0792 | 9.3 |
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus
|
13-02-2023 - 01:17 | 14-04-2009 - 16:26 | |
CVE-2009-1183 | 4.3 |
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
|
13-02-2023 - 01:17 | 23-04-2009 - 17:30 | |
CVE-2009-0583 | 9.3 |
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus
|
13-02-2023 - 01:17 | 23-03-2009 - 20:00 | |
CVE-2005-2700 | 10.0 |
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass inten
|
13-02-2023 - 01:16 | 06-09-2005 - 23:03 | |
CVE-2005-2970 | 5.0 |
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused f
|
13-02-2023 - 01:16 | 25-10-2005 - 17:06 | |
CVE-2005-1761 | 2.1 |
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
|
13-02-2023 - 01:16 | 05-08-2005 - 04:00 | |
CVE-2005-1266 | 5.0 |
Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries.
|
13-02-2023 - 01:15 | 15-06-2005 - 04:00 | |
CVE-2005-0530 | 2.1 |
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.
|
13-02-2023 - 01:15 | 02-05-2005 - 04:00 | |
CVE-2005-1268 | 5.0 |
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one
|
13-02-2023 - 01:15 | 05-08-2005 - 04:00 | |
CVE-2005-0839 | 7.2 |
Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.
|
13-02-2023 - 01:15 | 02-05-2005 - 04:00 | |
CVE-2005-0531 | 2.1 |
The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.
|
13-02-2023 - 01:15 | 02-05-2005 - 04:00 | |
CVE-2005-0937 | 1.2 |
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is exe
|
13-02-2023 - 01:15 | 22-02-2005 - 05:00 | |
CVE-2005-0529 | 2.1 |
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a po
|
13-02-2023 - 01:15 | 02-05-2005 - 04:00 | |
CVE-2005-0245 | 7.5 |
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE
|
19-01-2023 - 20:13 | 01-02-2005 - 05:00 | |
CVE-2007-0555 | 8.5 |
PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a den
|
19-01-2023 - 20:10 | 06-02-2007 - 01:28 | |
CVE-2009-2687 | 4.3 |
The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.
|
19-01-2023 - 16:38 | 05-08-2009 - 19:30 | |
CVE-2007-6601 | 7.2 |
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. N
|
18-01-2023 - 21:19 | 09-01-2008 - 21:46 | |
CVE-2009-2948 | 1.9 |
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain t
|
31-10-2022 - 15:03 | 07-10-2009 - 18:30 | |
CVE-2006-3918 | 4.3 |
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected ba
|
21-09-2022 - 19:35 | 28-07-2006 - 00:04 | |
CVE-2006-5752 | 4.3 |
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML vi
|
21-09-2022 - 19:34 | 27-06-2007 - 17:30 | |
CVE-2007-3304 | 4.7 |
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the m
|
21-09-2022 - 19:34 | 20-06-2007 - 22:30 | |
CVE-2008-0005 | 4.3 |
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
|
21-09-2022 - 19:10 | 12-01-2008 - 00:46 | |
CVE-2009-3095 | 5.0 |
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as
|
19-09-2022 - 19:50 | 08-09-2009 - 18:30 | |
CVE-2009-3094 | 2.6 |
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a mal
|
19-09-2022 - 19:49 | 08-09-2009 - 18:30 | |
CVE-2008-1105 | 7.5 |
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
|
29-08-2022 - 20:12 | 29-05-2008 - 16:32 | |
CVE-2009-1888 | 5.8 |
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vecto
|
29-08-2022 - 19:43 | 25-06-2009 - 01:30 | |
CVE-2009-1698 | 9.3 |
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which a
|
09-08-2022 - 13:48 | 10-06-2009 - 18:00 | |
CVE-2007-0455 | 7.5 |
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded
|
21-07-2022 - 15:17 | 30-01-2007 - 17:28 | |
CVE-2006-4482 | 9.3 |
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990
|
19-07-2022 - 18:32 | 31-08-2006 - 21:04 | |
CVE-2008-4864 | 7.5 |
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function,
|
05-07-2022 - 18:48 | 01-11-2008 - 00:00 | |
CVE-2008-1721 | 7.5 |
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
|
05-07-2022 - 18:43 | 10-04-2008 - 19:05 | |
CVE-2008-3142 | 7.5 |
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicod
|
05-07-2022 - 18:41 | 01-08-2008 - 14:41 | |
CVE-2008-1887 | 9.3 |
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when asse
|
27-06-2022 - 16:33 | 18-04-2008 - 17:05 | |
CVE-2005-1849 | 5.0 |
inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
|
22-06-2022 - 16:40 | 26-07-2005 - 04:00 | |
CVE-2005-2096 | 7.5 |
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted
|
22-06-2022 - 16:40 | 06-07-2005 - 04:00 | |
CVE-2005-0233 | 7.5 |
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homog
|
28-02-2022 - 17:41 | 08-02-2005 - 05:00 | |
CVE-2006-5170 | 7.5 |
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the
|
25-02-2022 - 19:20 | 10-10-2006 - 04:06 | |
CVE-2007-2356 | 6.8 |
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
|
07-02-2022 - 19:21 | 30-04-2007 - 22:19 | |
CVE-2006-4519 | 6.8 |
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
|
07-02-2022 - 17:56 | 10-07-2007 - 18:30 | |
CVE-2007-2949 | 6.8 |
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
|
07-02-2022 - 17:48 | 04-07-2007 - 15:30 | |
CVE-2007-0010 | 2.1 |
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
|
07-02-2022 - 17:28 | 24-01-2007 - 19:28 | |
CVE-2006-3404 | 5.1 |
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VE
|
07-02-2022 - 17:27 | 06-07-2006 - 20:05 | |
CVE-2007-2834 | 9.3 |
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which
|
07-02-2022 - 17:16 | 18-09-2007 - 21:17 | |
CVE-2009-3301 | 9.3 |
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word d
|
07-02-2022 - 17:06 | 16-02-2010 - 19:30 | |
CVE-2009-3302 | 9.3 |
filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "
|
07-02-2022 - 17:05 | 16-02-2010 - 19:30 | |
CVE-2010-0395 | 9.3 |
OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro direct
|
07-02-2022 - 17:03 | 10-06-2010 - 00:30 | |
CVE-2009-2950 | 9.3 |
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary
|
07-02-2022 - 16:58 | 16-02-2010 - 19:30 | |
CVE-2009-2949 | 9.3 |
Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
|
07-02-2022 - 16:57 | 16-02-2010 - 19:30 | |
CVE-2008-2729 | 4.9 |
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
|
03-02-2022 - 19:57 | 30-06-2008 - 22:41 | |
CVE-2007-1349 | 5.0 |
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted U
|
03-02-2022 - 16:26 | 30-03-2007 - 00:19 | |
CVE-2008-2711 | 4.3 |
fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference wh
|
09-08-2021 - 21:15 | 16-06-2008 - 21:41 | |
CVE-2009-2472 | 4.3 |
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, re
|
29-07-2021 - 13:46 | 22-07-2009 - 18:30 | |
CVE-2007-2292 | 4.3 |
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
|
23-07-2021 - 15:05 | 26-04-2007 - 20:19 | |
CVE-2010-0421 | 4.3 |
Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to buildi
|
14-07-2021 - 15:41 | 18-03-2010 - 17:30 | |
CVE-2006-4811 | 6.8 |
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
|
16-06-2021 - 12:43 | 18-10-2006 - 17:07 | |
CVE-2005-2728 | 5.0 |
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
|
06-06-2021 - 11:15 | 30-08-2005 - 11:45 | |
CVE-2007-4476 | 7.5 |
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
|
17-05-2021 - 19:55 | 05-09-2007 - 01:17 | |
CVE-2006-2661 | 5.0 |
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
|
05-04-2021 - 19:25 | 30-05-2006 - 19:02 | |
CVE-2009-0946 | 7.5 |
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
|
05-04-2021 - 19:25 | 17-04-2009 - 00:30 | |
CVE-2010-1321 | 6.8 |
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allo
|
02-02-2021 - 18:53 | 19-05-2010 - 18:30 | |
CVE-2007-2798 | 9.0 |
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
|
02-02-2021 - 18:32 | 26-06-2007 - 22:30 | |
CVE-2007-2443 | 8.3 |
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
|
02-02-2021 - 18:28 | 26-06-2007 - 22:30 | |
CVE-2007-0957 | 9.0 |
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitr
|
02-02-2021 - 18:24 | 06-04-2007 - 01:19 | |
CVE-2007-0956 | 10.0 |
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
|
02-02-2021 - 18:23 | 06-04-2007 - 01:19 | |
CVE-2007-1216 | 9.0 |
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows r
|
02-02-2021 - 18:22 | 06-04-2007 - 01:19 | |
CVE-2004-1189 | 7.2 |
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an arr
|
02-02-2021 - 18:16 | 31-12-2004 - 05:00 | |
CVE-2008-1808 | 7.5 |
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which trigger
|
26-01-2021 - 12:41 | 16-06-2008 - 19:41 | |
CVE-2007-4045 | 5.0 |
The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of s
|
23-12-2020 - 15:20 | 27-07-2007 - 22:30 | |
CVE-2007-0720 | 5.0 |
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
|
15-12-2020 - 02:02 | 13-03-2007 - 21:19 | |
CVE-2007-1562 | 6.8 |
The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate
|
09-12-2020 - 10:15 | 21-03-2007 - 19:19 | |
CVE-2004-1018 | 10.0 |
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underfl
|
08-12-2020 - 18:49 | 10-01-2005 - 05:00 | |
CVE-2007-6427 | 9.3 |
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
|
20-11-2020 - 16:47 | 18-01-2008 - 23:00 | |
CVE-2005-2069 | 5.0 |
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers t
|
16-11-2020 - 19:30 | 30-06-2005 - 04:00 | |
CVE-2005-1260 | 5.0 |
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
|
13-11-2020 - 17:07 | 19-05-2005 - 04:00 | |
CVE-2009-0784 | 6.3 |
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
|
04-11-2020 - 15:43 | 25-03-2009 - 23:30 | |
CVE-2007-5191 | 7.2 |
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
|
04-11-2020 - 14:59 | 04-10-2007 - 16:17 | |
CVE-2009-0590 | 5.0 |
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid
|
03-11-2020 - 17:38 | 27-03-2009 - 16:30 | |
CVE-2006-2932 | 4.9 |
A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors. Red Hat has issu
|
28-09-2020 - 14:54 | 23-08-2006 - 19:04 | |
CVE-2006-2932 | 4.9 |
A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors. Red Hat has issu
|
28-09-2020 - 14:54 | 23-08-2006 - 19:04 | |
CVE-2009-1072 | 4.9 |
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash o
|
02-09-2020 - 16:01 | 25-03-2009 - 01:30 | |
CVE-2009-2848 | 5.9 |
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone
|
28-08-2020 - 13:10 | 18-08-2009 - 21:00 | |
CVE-2006-2935 | 4.6 |
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device
|
28-08-2020 - 13:06 | 05-07-2006 - 18:05 | |
CVE-2009-0834 | 3.6 |
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass
|
26-08-2020 - 12:57 | 06-03-2009 - 11:30 | |
CVE-2008-1375 | 6.9 |
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
|
26-08-2020 - 12:56 | 02-05-2008 - 16:05 | |
CVE-2009-1630 | 4.4 |
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass pe
|
21-08-2020 - 18:45 | 14-05-2009 - 17:30 | |
CVE-2007-6716 | 4.9 |
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
|
14-08-2020 - 15:40 | 04-09-2008 - 17:41 | |
CVE-2009-3228 | 2.1 |
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users
|
13-08-2020 - 12:59 | 19-10-2009 - 20:00 | |
CVE-2007-6206 | 2.1 |
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might
|
12-08-2020 - 19:26 | 04-12-2007 - 00:46 | |
CVE-2006-1174 | 3.7 |
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and poss
|
11-08-2020 - 17:09 | 28-05-2006 - 23:02 | |
CVE-2005-3388 | 4.3 |
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
|
23-06-2020 - 03:15 | 01-11-2005 - 12:47 | |
CVE-2009-2474 | 5.8 |
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers vi
|
22-05-2020 - 15:32 | 21-08-2009 - 17:30 | |
CVE-2005-0087 | 4.6 |
The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library.
|
22-05-2020 - 15:20 | 27-04-2005 - 04:00 | |
CVE-2008-1447 | 5.0 |
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
|
24-03-2020 - 18:19 | 08-07-2008 - 23:41 | |
CVE-2009-4212 | 10.0 |
Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly
|
21-01-2020 - 15:45 | 13-01-2010 - 19:30 | |
CVE-2006-3083 | 7.2 |
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain pr
|
21-01-2020 - 15:45 | 09-08-2006 - 10:04 | |
CVE-2007-3999 | 10.0 |
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third
|
21-01-2020 - 15:45 | 05-09-2007 - 10:17 | |
CVE-2005-1175 | 7.5 |
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP req
|
21-01-2020 - 15:45 | 18-07-2005 - 04:00 | |
CVE-2005-0488 | 5.0 |
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
|
21-01-2020 - 15:45 | 14-06-2005 - 04:00 | |
CVE-2005-1174 | 5.0 |
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
|
21-01-2020 - 15:45 | 18-07-2005 - 04:00 | |
CVE-2008-4098 | 4.6 |
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and
|
17-12-2019 - 20:26 | 18-09-2008 - 15:04 | |
CVE-2009-2446 | 8.5 |
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other
|
17-12-2019 - 20:26 | 13-07-2009 - 17:30 | |
CVE-2006-4226 | 3.6 |
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have pe
|
17-12-2019 - 20:16 | 18-08-2006 - 20:04 | |
CVE-2006-3469 | 4.0 |
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_forma
|
17-12-2019 - 20:16 | 21-07-2006 - 14:03 | |
CVE-2006-4031 | 2.1 |
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. This vuln
|
17-12-2019 - 20:16 | 09-08-2006 - 22:04 | |
CVE-2006-2753 | 7.5 |
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properl
|
17-12-2019 - 20:16 | 01-06-2006 - 17:02 | |
CVE-2006-1516 | 5.0 |
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
|
17-12-2019 - 20:16 | 05-05-2006 - 12:46 | |
CVE-2006-1517 | 5.0 |
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error m
|
17-12-2019 - 20:16 | 05-05-2006 - 12:46 | |
CVE-2008-4456 | 2.6 |
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by
|
17-12-2019 - 19:56 | 06-10-2008 - 23:25 | |
CVE-2006-3081 | 4.0 |
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
|
17-12-2019 - 17:13 | 19-06-2006 - 18:02 | |
CVE-2005-0709 | 4.6 |
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
|
17-12-2019 - 17:12 | 02-05-2005 - 04:00 | |
CVE-2005-0710 | 4.6 |
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is pr
|
17-12-2019 - 17:12 | 02-05-2005 - 04:00 | |
CVE-2005-1636 | 4.6 |
mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
|
17-12-2019 - 17:12 | 17-05-2005 - 04:00 | |
CVE-2005-0711 | 2.1 |
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
|
17-12-2019 - 17:12 | 02-05-2005 - 04:00 | |
CVE-2008-2079 | 4.6 |
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY argume
|
17-12-2019 - 15:25 | 05-05-2008 - 16:20 | |
CVE-2008-5031 | 10.0 |
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs fun
|
25-10-2019 - 11:53 | 10-11-2008 - 16:15 | |
CVE-2005-0758 | 4.6 |
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
|
16-10-2019 - 20:01 | 13-05-2005 - 04:00 | |
CVE-2007-4772 | 4.0 |
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted reg
|
09-10-2019 - 22:53 | 09-01-2008 - 21:46 | |
CVE-2007-0988 | 4.3 |
The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only caus
|
09-10-2019 - 22:52 | 20-02-2007 - 17:28 | |
CVE-2007-1701 | 6.8 |
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling se
|
09-10-2019 - 22:52 | 27-03-2007 - 01:19 | |
CVE-2007-0778 | 5.4 |
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i
|
09-10-2019 - 22:52 | 26-02-2007 - 20:28 | |
CVE-2007-0777 | 9.3 |
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vect
|
09-10-2019 - 22:52 | 26-02-2007 - 19:28 | |
CVE-2007-0780 | 6.8 |
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked
|
09-10-2019 - 22:52 | 26-02-2007 - 20:28 | |
CVE-2007-0994 | 6.8 |
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI
|
09-10-2019 - 22:52 | 06-03-2007 - 00:19 | |
CVE-2007-0009 | 6.8 |
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System ser
|
09-10-2019 - 22:51 | 26-02-2007 - 20:28 | |
CVE-2009-1690 | 9.3 |
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary c
|
26-09-2019 - 17:05 | 10-06-2009 - 14:30 | |
CVE-2007-1864 | 7.5 |
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
|
22-05-2019 - 18:44 | 09-05-2007 - 00:19 | |
CVE-2009-0147 | 4.3 |
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg,
|
06-03-2019 - 16:30 | 23-04-2009 - 17:30 | |
CVE-2009-1180 | 6.8 |
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
|
06-03-2019 - 16:30 | 23-04-2009 - 17:30 | |
CVE-2009-0799 | 4.3 |
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
|
06-03-2019 - 16:30 | 23-04-2009 - 17:30 | |
CVE-2009-0166 | 4.3 |
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
|
06-03-2019 - 16:30 | 23-04-2009 - 17:30 | |
CVE-2009-1182 | 7.5 |
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
|
06-03-2019 - 16:30 | 23-04-2009 - 17:30 | |
CVE-2009-0146 | 4.3 |
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (
|
06-03-2019 - 16:30 | 23-04-2009 - 17:30 | |
CVE-2009-0195 | 6.8 |
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.
|
06-03-2019 - 16:30 | 23-04-2009 - 17:30 | |
CVE-2010-1086 | 7.8 |
The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Point
|
16-11-2018 - 16:17 | 06-04-2010 - 22:30 | |
CVE-2010-1085 | 7.1 |
The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero
|
16-11-2018 - 16:16 | 06-04-2010 - 22:30 | |
CVE-2010-0159 | 10.0 |
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute
|
16-11-2018 - 15:56 | 22-02-2010 - 13:00 | |
CVE-2009-4538 | 10.0 |
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a r
|
16-11-2018 - 15:53 | 12-01-2010 - 17:30 | |
CVE-2009-4537 | 7.8 |
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via
|
16-11-2018 - 15:52 | 12-01-2010 - 17:30 | |
CVE-2009-4536 | 7.8 |
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypas
|
16-11-2018 - 15:51 | 12-01-2010 - 17:30 | |
CVE-2009-1633 | 7.1 |
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to U
|
08-11-2018 - 20:29 | 28-05-2009 - 20:30 | |
CVE-2009-0322 | 4.9 |
drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size
|
08-11-2018 - 20:20 | 28-01-2009 - 18:30 | |
CVE-2008-5507 | 6.0 |
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL th
|
08-11-2018 - 20:12 | 17-12-2008 - 23:30 | |
CVE-2008-5508 | 4.3 |
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent
|
08-11-2018 - 20:12 | 17-12-2008 - 23:30 | |
CVE-2008-5510 | 5.0 |
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms s
|
08-11-2018 - 20:12 | 17-12-2008 - 23:30 | |
CVE-2008-5506 | 6.8 |
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-contr
|
08-11-2018 - 20:12 | 17-12-2008 - 23:30 | |
CVE-2008-5501 | 5.0 |
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.
|
08-11-2018 - 20:11 | 17-12-2008 - 23:30 | |
CVE-2008-5502 | 5.0 |
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEnti
|
08-11-2018 - 20:11 | 17-12-2008 - 23:30 | |
CVE-2008-5500 | 10.0 |
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via ve
|
08-11-2018 - 20:10 | 17-12-2008 - 23:30 | |
CVE-2008-5512 | 6.8 |
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown v
|
02-11-2018 - 14:54 | 17-12-2008 - 23:30 | |
CVE-2008-5052 | 10.0 |
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that
|
02-11-2018 - 13:50 | 13-11-2008 - 11:30 | |
CVE-2008-5024 | 7.5 |
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection at
|
02-11-2018 - 13:50 | 13-11-2008 - 11:30 | |
CVE-2008-5022 | 7.5 |
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrar
|
02-11-2018 - 13:49 | 13-11-2008 - 11:30 | |
CVE-2008-5023 | 7.5 |
Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR f
|
02-11-2018 - 13:49 | 13-11-2008 - 11:30 | |
CVE-2008-5018 | 10.0 |
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient
|
02-11-2018 - 13:48 | 13-11-2008 - 11:30 | |
CVE-2008-5017 | 10.0 |
Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (c
|
02-11-2018 - 13:48 | 13-11-2008 - 11:30 | |
CVE-2008-4934 | 7.8 |
The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (syste
|
02-11-2018 - 13:47 | 05-11-2008 - 15:00 | |
CVE-2008-5014 | 10.0 |
jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifyin
|
02-11-2018 - 13:47 | 13-11-2008 - 11:30 | |
CVE-2009-0689 | 6.8 |
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD
|
02-11-2018 - 10:29 | 01-07-2009 - 13:00 | |
CVE-2008-4062 | 10.0 |
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or po
|
01-11-2018 - 16:23 | 24-09-2008 - 20:37 | |
CVE-2008-4061 | 10.0 |
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash)
|
01-11-2018 - 16:23 | 24-09-2008 - 20:37 | |
CVE-2008-4058 | 7.5 |
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vec
|
01-11-2018 - 16:23 | 24-09-2008 - 20:37 | |
CVE-2008-4067 | 4.3 |
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash)
|
01-11-2018 - 16:22 | 24-09-2008 - 20:37 | |
CVE-2008-4065 | 4.3 |
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) charact
|
01-11-2018 - 16:22 | 24-09-2008 - 20:37 | |
CVE-2008-4068 | 7.8 |
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive inf
|
01-11-2018 - 15:15 | 24-09-2008 - 20:37 | |
CVE-2008-3837 | 9.3 |
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted
|
01-11-2018 - 15:14 | 24-09-2008 - 20:37 | |
CVE-2008-2712 | 9.3 |
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3)
|
01-11-2018 - 15:07 | 16-06-2008 - 21:41 | |
CVE-2008-2725 | 7.8 |
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger mem
|
01-11-2018 - 15:07 | 24-06-2008 - 19:41 | |
CVE-2008-2726 | 7.8 |
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent at
|
01-11-2018 - 15:07 | 24-06-2008 - 19:41 | |
CVE-2008-2663 | 10.0 |
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service v
|
01-11-2018 - 15:06 | 24-06-2008 - 19:41 | |
CVE-2008-2664 | 7.8 |
The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related t
|
01-11-2018 - 15:06 | 24-06-2008 - 19:41 | |
CVE-2008-2662 | 10.0 |
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or
|
01-11-2018 - 15:02 | 24-06-2008 - 19:41 | |
CVE-2008-2136 | 7.8 |
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT
|
31-10-2018 - 18:55 | 16-05-2008 - 12:54 | |
CVE-2007-2926 | 4.3 |
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query i
|
30-10-2018 - 16:27 | 24-07-2007 - 17:30 | |
CVE-2009-1364 | 7.5 |
Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. <a href="http://cwe.mitre.org/dat
|
30-10-2018 - 16:27 | 01-05-2009 - 17:30 | |
CVE-2006-5823 | 4.0 |
The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.
|
30-10-2018 - 16:26 | 09-11-2006 - 11:07 | |
CVE-2006-5751 | 7.2 |
Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request.
|
30-10-2018 - 16:26 | 02-12-2006 - 02:28 | |
CVE-2009-4142 | 4.3 |
The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks b
|
30-10-2018 - 16:26 | 21-12-2009 - 16:30 | |
CVE-2006-4538 | 4.9 |
Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to cause a denial of service (crash) via a malformed ELF file that triggers memory maps that cross region boundaries.
|
30-10-2018 - 16:26 | 05-09-2006 - 19:04 | |
CVE-2007-2876 | 6.1 |
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid
|
30-10-2018 - 16:26 | 11-06-2007 - 23:30 | |
CVE-2006-5174 | 2.1 |
The copy_from_user function in the uaccess code in Linux kernel 2.6 before 2.6.19-rc1, when running on s390, does not properly clear a kernel buffer, which allows local user space programs to read portions of kernel memory by "appending to a file fro
|
30-10-2018 - 16:26 | 10-10-2006 - 04:06 | |
CVE-2006-3468 | 7.8 |
Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error an
|
30-10-2018 - 16:26 | 21-07-2006 - 14:03 | |
CVE-2008-1669 | 6.9 |
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
|
30-10-2018 - 16:26 | 08-05-2008 - 00:20 | |
CVE-2009-3291 | 7.5 |
The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
|
30-10-2018 - 16:26 | 22-09-2009 - 10:30 | |
CVE-2009-3292 | 7.5 |
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
|
30-10-2018 - 16:26 | 22-09-2009 - 10:30 | |
CVE-2006-1052 | 2.1 |
The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process.
|
30-10-2018 - 16:26 | 05-05-2006 - 12:46 | |
CVE-2004-2660 | 4.9 |
Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests. This vulnerability is addressed in the following product release:
Li
|
30-10-2018 - 16:26 | 31-12-2004 - 05:00 | |
CVE-2006-1056 | 2.1 |
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allow
|
30-10-2018 - 16:26 | 20-04-2006 - 10:02 | |
CVE-2006-0744 | 4.9 |
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with
|
30-10-2018 - 16:26 | 18-04-2006 - 10:02 | |
CVE-2005-0136 | 2.1 |
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761
|
30-10-2018 - 16:26 | 31-12-2005 - 05:00 | |
CVE-2007-0908 | 5.0 |
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element
|
30-10-2018 - 16:26 | 13-02-2007 - 23:28 | |
CVE-2007-5398 | 9.3 |
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requ
|
30-10-2018 - 16:25 | 16-11-2007 - 18:46 | |
CVE-2008-5013 | 9.3 |
Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically u
|
30-10-2018 - 16:25 | 13-11-2008 - 11:30 | |
CVE-2008-5498 | 5.0 |
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an inde
|
30-10-2018 - 16:25 | 26-12-2008 - 20:30 | |
CVE-2007-6015 | 9.3 |
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC stri
|
30-10-2018 - 16:25 | 13-12-2007 - 21:46 | |
CVE-2006-5465 | 7.5 |
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
|
30-10-2018 - 16:25 | 04-11-2006 - 00:07 | |
CVE-2007-4572 | 9.3 |
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon se
|
30-10-2018 - 16:25 | 16-11-2007 - 18:46 | |
CVE-2009-3376 | 9.3 |
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via
|
30-10-2018 - 16:25 | 29-10-2009 - 14:30 | |
CVE-2009-2462 | 10.0 |
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synch
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
CVE-2009-1836 | 6.8 |
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attacke
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1838 | 9.3 |
The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1841 | 9.3 |
js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by t
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2006-4486 | 2.6 |
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
CVE-2009-3373 | 10.0 |
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
|
30-10-2018 - 16:25 | 29-10-2009 - 14:30 | |
CVE-2009-1835 | 4.3 |
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML docu
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-1832 | 9.3 |
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double fra
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-2465 | 10.0 |
Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cp
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
CVE-2007-2509 | 2.6 |
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
|
30-10-2018 - 16:25 | 09-05-2007 - 00:19 | |
CVE-2006-3017 | 9.3 |
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the varia
|
30-10-2018 - 16:25 | 14-06-2006 - 23:02 | |
CVE-2009-2464 | 10.0 |
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
CVE-2009-2463 | 10.0 |
Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a deni
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
CVE-2009-1834 | 4.3 |
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whites
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2009-3372 | 9.3 |
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
|
30-10-2018 - 16:25 | 29-10-2009 - 14:30 | |
CVE-2006-4484 | 2.6 |
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overfl
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
CVE-2009-2466 | 10.0 |
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2
|
30-10-2018 - 16:25 | 22-07-2009 - 18:30 | |
CVE-2009-2210 | 9.3 |
Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that
|
30-10-2018 - 16:25 | 25-06-2009 - 17:30 | |
CVE-2009-1833 | 9.3 |
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vec
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2005-3883 | 5.0 |
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
|
30-10-2018 - 16:25 | 29-11-2005 - 11:03 | |
CVE-2007-1380 | 5.0 |
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, w
|
30-10-2018 - 16:25 | 10-03-2007 - 00:19 | |
CVE-2010-0178 | 7.6 |
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript wit
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2010-0169 | 5.0 |
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings i
|
30-10-2018 - 16:25 | 25-03-2010 - 21:00 | |
CVE-2010-0182 | 4.3 |
The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 does not perform the expected nsIContentPolicy checks during loading of content by XML documents, which allows
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2007-1001 | 6.8 |
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP)
|
30-10-2018 - 16:25 | 06-04-2007 - 00:19 | |
CVE-2005-3389 | 5.0 |
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting,
|
30-10-2018 - 16:25 | 01-11-2005 - 12:47 | |
CVE-2010-0177 | 9.3 |
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to ex
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2009-1392 | 9.3 |
The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vect
|
30-10-2018 - 16:25 | 12-06-2009 - 21:30 | |
CVE-2005-1042 | 7.5 |
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.
|
30-10-2018 - 16:25 | 02-05-2005 - 04:00 | |
CVE-2003-1303 | 5.0 |
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in
|
30-10-2018 - 16:25 | 31-12-2003 - 05:00 | |
CVE-2006-0208 | 2.6 |
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are i
|
30-10-2018 - 16:25 | 13-01-2006 - 23:03 | |
CVE-2007-1825 | 7.5 |
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue
|
30-10-2018 - 16:25 | 02-04-2007 - 23:19 | |
CVE-2009-1303 | 5.0 |
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGE
|
30-10-2018 - 16:25 | 22-04-2009 - 18:30 | |
CVE-2008-0960 | 10.0 |
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Dat
|
30-10-2018 - 16:25 | 10-06-2008 - 18:32 | |
CVE-2010-0167 | 9.3 |
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash)
|
30-10-2018 - 16:25 | 25-03-2010 - 21:00 | |
CVE-2010-0174 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2007-1718 | 7.8 |
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of
|
30-10-2018 - 16:25 | 28-03-2007 - 00:19 | |
CVE-2006-1494 | 2.6 |
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.
|
30-10-2018 - 16:25 | 10-04-2006 - 19:02 | |
CVE-2007-0958 | 2.1 |
Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073.
|
30-10-2018 - 16:25 | 15-02-2007 - 18:28 | |
CVE-2005-3390 | 7.5 |
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST reque
|
30-10-2018 - 16:25 | 01-11-2005 - 12:47 | |
CVE-2007-1583 | 6.8 |
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with
|
30-10-2018 - 16:25 | 21-03-2007 - 23:19 | |
CVE-2005-1043 | 5.0 |
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
|
30-10-2018 - 16:25 | 14-04-2005 - 04:00 | |
CVE-2007-0909 | 7.5 |
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
|
30-10-2018 - 16:25 | 13-02-2007 - 23:28 | |
CVE-2010-0175 | 9.3 |
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of se
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2010-0176 | 9.3 |
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2004-1065 | 10.0 |
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
|
30-10-2018 - 16:25 | 10-01-2005 - 05:00 | |
CVE-2010-0179 | 5.1 |
Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects
|
30-10-2018 - 16:25 | 05-04-2010 - 17:30 | |
CVE-2004-1019 | 10.0 |
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free
|
30-10-2018 - 16:25 | 10-01-2005 - 05:00 | |
CVE-2010-0171 | 4.3 |
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) at
|
30-10-2018 - 16:25 | 25-03-2010 - 21:00 | |
CVE-2007-0906 | 7.5 |
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) s
|
30-10-2018 - 16:25 | 13-02-2007 - 23:28 | |
CVE-2007-0910 | 10.0 |
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
|
30-10-2018 - 16:25 | 13-02-2007 - 23:28 | |
CVE-2007-0907 | 5.0 |
Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.
|
30-10-2018 - 16:25 | 13-02-2007 - 23:28 | |
CVE-2005-3353 | 5.0 |
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
|
30-10-2018 - 16:25 | 18-11-2005 - 23:03 | |
CVE-2007-1217 | 6.9 |
Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet.
|
30-10-2018 - 16:25 | 02-03-2007 - 21:18 | |
CVE-2009-1311 | 4.3 |
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during
|
30-10-2018 - 16:25 | 22-04-2009 - 18:30 | |
CVE-2008-0017 | 9.3 |
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (
|
26-10-2018 - 14:19 | 13-11-2008 - 11:30 | |
CVE-2007-3998 | 5.0 |
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certai
|
26-10-2018 - 13:59 | 04-09-2007 - 18:17 | |
CVE-2007-2691 | 4.9 |
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. The vendor has released a product update to address
|
19-10-2018 - 19:00 | 16-05-2007 - 01:19 | |
CVE-2007-2172 | 4.7 |
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, I
|
19-10-2018 - 18:59 | 22-04-2007 - 19:19 | |
CVE-2007-2138 | 6.0 |
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the p
|
19-10-2018 - 18:54 | 24-04-2007 - 20:19 | |
CVE-2006-0747 | 5.0 |
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of val
|
19-10-2018 - 15:46 | 23-05-2006 - 10:06 | |
CVE-2006-0746 | 7.5 |
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
|
19-10-2018 - 15:46 | 09-03-2006 - 00:02 | |
CVE-2006-0748 | 9.3 |
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that
|
19-10-2018 - 15:46 | 14-04-2006 - 10:02 | |
CVE-2006-0749 | 9.3 |
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via
|
19-10-2018 - 15:46 | 14-04-2006 - 10:02 | |
CVE-2006-0645 | 7.5 |
Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by inva
|
19-10-2018 - 15:45 | 10-02-2006 - 18:06 | |
CVE-2006-0576 | 7.2 |
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not ru
|
19-10-2018 - 15:45 | 08-02-2006 - 00:06 | |
CVE-2006-0591 | 1.2 |
The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a s
|
19-10-2018 - 15:45 | 08-02-2006 - 01:02 | |
CVE-2006-0301 | 7.5 |
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted
|
19-10-2018 - 15:44 | 30-01-2006 - 22:03 | |
CVE-2006-0300 | 5.1 |
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
|
19-10-2018 - 15:44 | 24-02-2006 - 00:02 | |
CVE-2006-0225 | 4.6 |
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
|
19-10-2018 - 15:43 | 25-01-2006 - 11:03 | |
CVE-2006-0292 | 7.5 |
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garb
|
19-10-2018 - 15:43 | 02-02-2006 - 20:06 | |
CVE-2006-0296 | 5.0 |
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf fil
|
19-10-2018 - 15:43 | 02-02-2006 - 20:06 | |
CVE-2006-0058 | 7.6 |
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory location
|
19-10-2018 - 15:42 | 22-03-2006 - 20:06 | |
CVE-2006-0019 | 7.5 |
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
|
19-10-2018 - 15:42 | 20-01-2006 - 21:03 | |
CVE-2006-0049 | 5.0 |
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report
|
19-10-2018 - 15:42 | 13-03-2006 - 21:06 | |
CVE-2006-0095 | 2.1 |
dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.
|
19-10-2018 - 15:42 | 06-01-2006 - 11:03 | |
CVE-2006-0082 | 5.1 |
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric fo
|
19-10-2018 - 15:42 | 04-01-2006 - 23:03 | |
CVE-2005-4601 | 7.5 |
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
|
19-10-2018 - 15:41 | 31-12-2005 - 05:00 | |
CVE-2005-4667 | 3.7 |
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses
|
19-10-2018 - 15:41 | 31-12-2005 - 05:00 | |
CVE-2005-4348 | 7.8 |
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
|
19-10-2018 - 15:40 | 21-12-2005 - 00:03 | |
CVE-2005-4134 | 5.0 |
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not
|
19-10-2018 - 15:40 | 09-12-2005 - 15:03 | |
CVE-2005-4077 | 4.6 |
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prev
|
19-10-2018 - 15:40 | 08-12-2005 - 01:03 | |
CVE-2005-3962 | 4.6 |
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an int
|
19-10-2018 - 15:39 | 01-12-2005 - 17:03 | |
CVE-2005-3784 | 4.9 |
The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a denial of service (crash) and gain root privileges.
|
19-10-2018 - 15:39 | 23-11-2005 - 21:03 | |
CVE-2005-3806 | 6.6 |
The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) b
|
19-10-2018 - 15:39 | 25-11-2005 - 21:03 | |
CVE-2005-3964 | 7.5 |
Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
|
19-10-2018 - 15:39 | 02-12-2005 - 11:03 | |
CVE-2005-3857 | 4.9 |
The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cause a denial of service (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk func
|
19-10-2018 - 15:39 | 27-11-2005 - 21:03 | |
CVE-2005-3732 | 7.8 |
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packet
|
19-10-2018 - 15:38 | 21-11-2005 - 22:03 | |
CVE-2005-3628 | 7.5 |
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary co
|
19-10-2018 - 15:38 | 31-12-2005 - 05:00 | |
CVE-2005-3624 | 5.0 |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int
|
19-10-2018 - 15:37 | 31-12-2005 - 05:00 | |
CVE-2005-3625 | 10.0 |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and
|
19-10-2018 - 15:37 | 31-12-2005 - 05:00 | |
CVE-2005-3626 | 5.0 |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
|
19-10-2018 - 15:37 | 31-12-2005 - 05:00 | |
CVE-2005-3627 | 7.5 |
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components"
|
19-10-2018 - 15:37 | 31-12-2005 - 05:00 | |
CVE-2005-3350 | 7.5 |
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
|
19-10-2018 - 15:35 | 04-11-2005 - 00:02 | |
CVE-2005-3276 | 2.1 |
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
|
19-10-2018 - 15:35 | 21-10-2005 - 01:02 | |
CVE-2005-3192 | 7.5 |
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitra
|
19-10-2018 - 15:35 | 08-12-2005 - 01:03 | |
CVE-2005-3193 | 5.1 |
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-
|
19-10-2018 - 15:35 | 07-12-2005 - 00:03 | |
CVE-2005-3275 | 2.6 |
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by
|
19-10-2018 - 15:35 | 21-10-2005 - 01:02 | |
CVE-2005-3191 | 5.1 |
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KD
|
19-10-2018 - 15:34 | 07-12-2005 - 01:03 | |
CVE-2005-2933 | 7.5 |
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a
|
19-10-2018 - 15:34 | 13-10-2005 - 22:02 | |
CVE-2005-3055 | 2.1 |
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer ref
|
19-10-2018 - 15:34 | 26-09-2005 - 19:03 | |
CVE-2005-3110 | 2.6 |
Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to
|
19-10-2018 - 15:34 | 30-09-2005 - 10:05 | |
CVE-2005-3178 | 5.1 |
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
|
19-10-2018 - 15:34 | 07-10-2005 - 18:02 | |
CVE-2005-3044 | 2.1 |
Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on
|
19-10-2018 - 15:34 | 22-09-2005 - 21:03 | |
CVE-2005-3180 | 5.0 |
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
|
19-10-2018 - 15:34 | 12-10-2005 - 13:04 | |
CVE-2005-3109 | 2.1 |
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.
|
19-10-2018 - 15:34 | 30-09-2005 - 10:05 | |
CVE-2005-2929 | 7.5 |
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
|
19-10-2018 - 15:34 | 18-11-2005 - 06:03 | |
CVE-2005-2872 | 5.0 |
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads t
|
19-10-2018 - 15:34 | 09-09-2005 - 19:07 | |
CVE-2005-3186 | 7.5 |
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer o
|
19-10-2018 - 15:34 | 18-11-2005 - 06:03 | |
CVE-2005-3011 | 1.2 |
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
19-10-2018 - 15:34 | 21-09-2005 - 20:03 | |
CVE-2005-2876 | 7.2 |
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just
|
19-10-2018 - 15:34 | 13-09-2005 - 23:03 | |
CVE-2005-2800 | 2.1 |
Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, whi
|
19-10-2018 - 15:33 | 06-09-2005 - 17:03 | |
CVE-2005-2641 | 7.5 |
Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate
|
19-10-2018 - 15:33 | 23-08-2005 - 04:00 | |
CVE-2005-2555 | 4.6 |
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.
|
19-10-2018 - 15:33 | 16-08-2005 - 04:00 | |
CVE-2005-2798 | 5.0 |
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
|
19-10-2018 - 15:33 | 06-09-2005 - 17:03 | |
CVE-2005-2492 | 3.6 |
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
|
19-10-2018 - 15:33 | 14-09-2005 - 19:03 | |
CVE-2005-2709 | 4.6 |
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unreg
|
19-10-2018 - 15:33 | 20-11-2005 - 22:03 | |
CVE-2005-2495 | 5.1 |
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
|
19-10-2018 - 15:33 | 15-09-2005 - 20:03 | |
CVE-2005-2098 | 5.0 |
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore
|
19-10-2018 - 15:32 | 23-08-2005 - 04:00 | |
CVE-2005-2335 | 5.0 |
Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifie
|
19-10-2018 - 15:32 | 27-07-2005 - 04:00 | |
CVE-2005-2370 | 5.0 |
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
|
19-10-2018 - 15:32 | 26-07-2005 - 04:00 | |
CVE-2005-2458 | 5.0 |
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
|
19-10-2018 - 15:32 | 23-08-2005 - 04:00 | |
CVE-2005-1934 | 5.0 |
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
|
19-10-2018 - 15:32 | 19-05-2005 - 04:00 | |
CVE-2005-2490 | 4.6 |
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
|
19-10-2018 - 15:32 | 14-09-2005 - 19:03 | |
CVE-2005-2177 | 5.0 |
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an
|
19-10-2018 - 15:32 | 11-07-2005 - 04:00 | |
CVE-2005-2099 | 5.0 |
The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which caus
|
19-10-2018 - 15:32 | 23-08-2005 - 04:00 | |
CVE-2005-2097 | 2.1 |
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when
|
19-10-2018 - 15:32 | 16-08-2005 - 04:00 | |
CVE-2005-1993 | 3.7 |
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
|
19-10-2018 - 15:32 | 20-06-2005 - 04:00 | |
CVE-2005-2102 | 5.0 |
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
|
19-10-2018 - 15:32 | 16-08-2005 - 04:00 | |
CVE-2005-0867 | 7.2 |
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-0208 | 5.0 |
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1763 | 7.2 |
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
|
19-10-2018 - 15:31 | 09-06-2005 - 04:00 | |
CVE-2005-0967 | 5.0 |
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-0638 | 7.5 |
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
|
19-10-2018 - 15:31 | 02-03-2005 - 05:00 | |
CVE-2005-0472 | 5.0 |
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
|
19-10-2018 - 15:31 | 14-03-2005 - 05:00 | |
CVE-2005-0546 | 7.5 |
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow i
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-0088 | 7.5 |
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1262 | 5.0 |
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
|
19-10-2018 - 15:31 | 11-05-2005 - 04:00 | |
CVE-2005-1264 | 7.2 |
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2
|
19-10-2018 - 15:31 | 17-05-2005 - 04:00 | |
CVE-2005-0237 | 5.0 |
The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from o
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1041 | 2.1 |
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1704 | 4.6 |
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of sect
|
19-10-2018 - 15:31 | 24-05-2005 - 04:00 | |
CVE-2005-0473 | 5.0 |
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
|
19-10-2018 - 15:31 | 14-03-2005 - 05:00 | |
CVE-2005-1410 | 2.1 |
The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause
|
19-10-2018 - 15:31 | 03-05-2005 - 04:00 | |
CVE-2005-1269 | 5.0 |
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
|
19-10-2018 - 15:31 | 16-06-2005 - 04:00 | |
CVE-2005-0977 | 2.1 |
The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-0756 | 2.1 |
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).
|
19-10-2018 - 15:31 | 08-06-2005 - 04:00 | |
CVE-2005-0077 | 2.1 |
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-0100 | 7.5 |
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
|
19-10-2018 - 15:31 | 07-02-2005 - 05:00 | |
CVE-2005-0953 | 3.7 |
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1267 | 5.0 |
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
|
19-10-2018 - 15:31 | 10-06-2005 - 04:00 | |
CVE-2005-1265 | 2.1 |
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).
|
19-10-2018 - 15:31 | 16-06-2005 - 04:00 | |
CVE-2005-1278 | 5.0 |
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1280 | 5.0 |
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1279 | 5.0 |
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1762 | 2.1 |
The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.
|
19-10-2018 - 15:31 | 02-08-2005 - 04:00 | |
CVE-2005-0965 | 5.0 |
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-1261 | 7.5 |
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
|
19-10-2018 - 15:31 | 11-05-2005 - 04:00 | |
CVE-2005-1409 | 7.5 |
PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."
|
19-10-2018 - 15:31 | 03-05-2005 - 04:00 | |
CVE-2005-1046 | 7.5 |
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-0966 | 6.4 |
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and po
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2005-0396 | 2.1 |
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2004-1186 | 5.0 |
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
|
19-10-2018 - 15:30 | 31-12-2004 - 05:00 | |
CVE-2004-1184 | 4.6 |
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
|
19-10-2018 - 15:30 | 21-01-2005 - 05:00 | |
CVE-2004-1185 | 7.5 |
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
|
19-10-2018 - 15:30 | 21-01-2005 - 05:00 | |
CVE-2002-2185 | 4.9 |
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the
|
19-10-2018 - 15:29 | 31-12-2002 - 05:00 | |
CVE-2006-3626 | 6.2 |
Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root.
|
18-10-2018 - 16:48 | 18-07-2006 - 15:46 | |
CVE-2006-3627 | 5.0 |
Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (aka Ethereal) 0.10.11 to 0.99.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors. This vulnerability is addressed in the following product release
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3631 | 5.0 |
Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. This vulnerability is addressed in the following product rele
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3677 | 7.5 |
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a cra
|
18-10-2018 - 16:48 | 27-07-2006 - 19:04 | |
CVE-2006-3636 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
18-10-2018 - 16:48 | 06-09-2006 - 00:04 | |
CVE-2006-3628 | 10.0 |
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissec
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3630 | 7.5 |
Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to 0.99.0 have unknown impact and remote attack vectors via the (1) NCP NMAS and (2) NDPS dissectors.
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3629 | 7.8 |
Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. This vulnerability is addressed in the following product r
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3632 | 10.0 |
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. This vulnerability is addressed in the following product release:
Ethereal G
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3403 | 5.0 |
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.
|
18-10-2018 - 16:47 | 12-07-2006 - 19:05 | |
CVE-2006-3376 | 7.5 |
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field i
|
18-10-2018 - 16:47 | 06-07-2006 - 20:05 | |
CVE-2006-3242 | 7.5 |
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
|
18-10-2018 - 16:46 | 27-06-2006 - 10:05 | |
CVE-2006-3113 | 7.5 |
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to
|
18-10-2018 - 16:45 | 27-07-2006 - 20:04 | |
CVE-2006-3117 | 7.6 |
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw,
|
18-10-2018 - 16:45 | 30-06-2006 - 18:05 | |
CVE-2006-3082 | 5.0 |
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to a
|
18-10-2018 - 16:45 | 19-06-2006 - 18:02 | |
CVE-2006-3016 | 9.3 |
Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-
|
18-10-2018 - 16:45 | 14-06-2006 - 23:02 | |
CVE-2006-2940 | 7.8 |
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates tha
|
18-10-2018 - 16:44 | 28-09-2006 - 18:07 | |
CVE-2006-2937 | 7.8 |
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.
|
18-10-2018 - 16:43 | 28-09-2006 - 18:07 | |
CVE-2006-2783 | 4.3 |
Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the mi
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
CVE-2006-2781 | 6.4 |
Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 charact
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
CVE-2006-2784 | 5.1 |
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascrip
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
CVE-2006-2786 | 2.6 |
HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites
|
18-10-2018 - 16:42 | 02-06-2006 - 20:02 | |
CVE-2006-2782 | 4.3 |
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. Fixed in: Firefox 1.5
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
CVE-2006-2779 | 9.3 |
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
CVE-2006-2778 | 5.0 |
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer over
|
18-10-2018 - 16:42 | 02-06-2006 - 18:02 | |
CVE-2006-2785 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
CVE-2006-2787 | 9.3 |
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
|
18-10-2018 - 16:42 | 02-06-2006 - 20:02 | |
CVE-2006-2780 | 9.3 |
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption. Fixed in: Firefox 1.5.0.4
Thu
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
CVE-2006-2776 | 7.5 |
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended. This vulnerability is addressed in t
|
18-10-2018 - 16:41 | 02-06-2006 - 18:02 | |
CVE-2006-2449 | 4.0 |
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. Vendor links provide patches for each version affected.
|
18-10-2018 - 16:40 | 15-06-2006 - 10:02 | |
CVE-2006-2451 | 4.6 |
The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prc
|
18-10-2018 - 16:40 | 07-07-2006 - 18:05 | |
CVE-2006-2607 | 7.2 |
do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a progr
|
18-10-2018 - 16:40 | 25-05-2006 - 20:02 | |
CVE-2006-2447 | 5.1 |
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username.
|
18-10-2018 - 16:40 | 06-06-2006 - 21:06 | |
CVE-2006-2313 | 7.5 |
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte charact
|
18-10-2018 - 16:39 | 24-05-2006 - 10:06 | |
CVE-2006-2314 | 7.5 |
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow th
|
18-10-2018 - 16:39 | 24-05-2006 - 10:06 | |
CVE-2006-2223 | 5.0 |
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST p
|
18-10-2018 - 16:38 | 05-05-2006 - 19:02 | |
CVE-2006-2224 | 5.0 |
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
|
18-10-2018 - 16:38 | 05-05-2006 - 19:02 | |
CVE-2006-2198 | 7.6 |
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
|
18-10-2018 - 16:38 | 30-06-2006 - 18:05 | |
CVE-2006-2199 | 7.6 |
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice docu
|
18-10-2018 - 16:38 | 30-06-2006 - 18:05 | |
CVE-2006-2071 | 2.1 |
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issu
|
18-10-2018 - 16:37 | 27-04-2006 - 17:06 | |
CVE-2006-1990 | 5.0 |
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer ov
|
18-10-2018 - 16:37 | 24-04-2006 - 23:02 | |
CVE-2006-1742 | 5.0 |
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remot
|
18-10-2018 - 16:36 | 14-04-2006 - 10:02 | |
CVE-2006-1864 | 4.6 |
Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863.
|
18-10-2018 - 16:36 | 26-04-2006 - 18:06 | |
CVE-2006-1790 | 10.0 |
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.
|
18-10-2018 - 16:36 | 14-04-2006 - 19:02 | |
CVE-2006-1737 | 9.3 |
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via
|
18-10-2018 - 16:35 | 14-04-2006 - 18:02 | |
CVE-2006-1735 | 9.3 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javas
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
CVE-2006-1739 | 9.3 |
The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
CVE-2006-1733 | 6.8 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
CVE-2006-1740 | 2.6 |
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
CVE-2006-1738 | 5.0 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (
|
18-10-2018 - 16:35 | 14-04-2006 - 18:02 | |
CVE-2006-1734 | 6.8 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal func
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
CVE-2006-1741 | 4.3 |
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new p
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
CVE-2006-1727 | 7.6 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to t
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2006-1732 | 4.3 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS)
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2006-1729 | 4.3 |
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2006-1724 | 7.5 |
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via atta
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2006-1721 | 2.6 |
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in
|
18-10-2018 - 16:34 | 11-04-2006 - 23:02 | |
CVE-2006-1728 | 9.3 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypt
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2006-1730 | 9.3 |
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing prop
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2006-1731 | 4.3 |
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are calle
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2006-1550 | 7.6 |
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of poi
|
18-10-2018 - 16:33 | 30-03-2006 - 23:02 | |
CVE-2006-1526 | 2.1 |
Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XRenderCompositeTriFan requests in the rendertest fro
|
18-10-2018 - 16:33 | 02-05-2006 - 21:06 | |
CVE-2006-1343 | 2.1 |
net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the getsockopt function with SO_ORIGIN
|
18-10-2018 - 16:32 | 21-03-2006 - 18:02 | |
CVE-2006-1242 | 5.0 |
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which b
|
18-10-2018 - 16:31 | 15-03-2006 - 17:06 | |
CVE-2006-1173 | 5.0 |
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Se
|
18-10-2018 - 16:31 | 07-06-2006 - 23:06 | |
CVE-2006-1045 | 2.6 |
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive info
|
18-10-2018 - 16:30 | 07-03-2006 - 11:02 | |
CVE-2006-0884 | 9.3 |
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript U
|
18-10-2018 - 16:29 | 24-02-2006 - 22:02 | |
CVE-2006-6498 | 6.8 |
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6497 | 6.8 |
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6503 | 6.8 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript:
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6505 | 6.8 |
Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME no
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6504 | 9.3 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6502 | 7.1 |
Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6501 | 6.8 |
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
CVE-2006-6169 | 6.8 |
Heap-based buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the make_printable
|
17-10-2018 - 21:47 | 29-11-2006 - 18:28 | |
CVE-2006-6235 | 10.0 |
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated s
|
17-10-2018 - 21:47 | 07-12-2006 - 11:28 | |
CVE-2006-6097 | 4.0 |
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function
|
17-10-2018 - 21:46 | 24-11-2006 - 18:07 | |
CVE-2006-6077 | 5.0 |
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matc
|
17-10-2018 - 21:46 | 24-11-2006 - 17:07 | |
CVE-2006-6106 | 7.5 |
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service
|
17-10-2018 - 21:46 | 19-12-2006 - 19:28 | |
CVE-2006-5925 | 7.5 |
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.
|
17-10-2018 - 21:45 | 15-11-2006 - 19:07 | |
CVE-2006-5867 | 7.8 |
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
|
17-10-2018 - 21:45 | 31-12-2006 - 05:00 | |
CVE-2006-5793 | 2.6 |
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks tha
|
17-10-2018 - 21:45 | 17-11-2006 - 23:07 | |
CVE-2006-5794 | 7.5 |
Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed th
|
17-10-2018 - 21:45 | 08-11-2006 - 20:07 | |
CVE-2006-5870 | 9.3 |
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that trig
|
17-10-2018 - 21:45 | 31-12-2006 - 05:00 | |
CVE-2006-5748 | 5.0 |
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi
|
17-10-2018 - 21:44 | 08-11-2006 - 21:07 | |
CVE-2006-5740 | 5.0 |
Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
|
17-10-2018 - 21:44 | 27-10-2006 - 23:07 | |
CVE-2006-5747 | 7.5 |
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.
|
17-10-2018 - 21:44 | 08-11-2006 - 21:07 | |
CVE-2006-5469 | 5.0 |
Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference.
|
17-10-2018 - 21:43 | 28-10-2006 - 00:07 | |
CVE-2006-5468 | 5.0 |
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
|
17-10-2018 - 21:43 | 27-10-2006 - 23:07 | |
CVE-2006-5463 | 7.5 |
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object whi
|
17-10-2018 - 21:43 | 08-11-2006 - 22:07 | |
CVE-2006-5619 | 2.1 |
The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flow
|
17-10-2018 - 21:43 | 31-10-2006 - 19:07 | |
CVE-2006-5464 | 5.0 |
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
|
17-10-2018 - 21:43 | 08-11-2006 - 21:07 | |
CVE-2006-5456 | 5.1 |
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage functio
|
17-10-2018 - 21:43 | 23-10-2006 - 17:07 | |
CVE-2006-5052 | 5.0 |
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
|
17-10-2018 - 21:40 | 27-09-2006 - 23:07 | |
CVE-2006-4924 | 7.8 |
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
|
17-10-2018 - 21:40 | 27-09-2006 - 01:07 | |
CVE-2006-4810 | 4.6 |
Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file.
|
17-10-2018 - 21:39 | 08-11-2006 - 21:07 | |
CVE-2006-4805 | 5.0 |
epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a ze
|
17-10-2018 - 21:39 | 27-10-2006 - 23:07 | |
CVE-2006-4624 | 2.6 |
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.
|
17-10-2018 - 21:38 | 07-09-2006 - 19:04 | |
CVE-2006-4600 | 2.3 |
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
|
17-10-2018 - 21:38 | 07-09-2006 - 00:04 | |
CVE-2006-4623 | 7.8 |
The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet. Ther
|
17-10-2018 - 21:38 | 11-09-2006 - 17:04 | |
CVE-2006-4571 | 10.0 |
Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified ve
|
17-10-2018 - 21:38 | 15-09-2006 - 19:07 | |
CVE-2006-4567 | 2.6 |
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting
|
17-10-2018 - 21:37 | 15-09-2006 - 18:07 | |
CVE-2006-4568 | 4.3 |
Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the security model and inject content into the sub-frame of another site via targetWindow.frames[n].document.open(), which facilitates spoofing and other atta
|
17-10-2018 - 21:37 | 15-09-2006 - 19:07 | |
CVE-2006-4514 | 7.5 |
Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE
|
17-10-2018 - 21:37 | 30-11-2006 - 23:28 | |
CVE-2006-4569 | 2.6 |
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduc
|
17-10-2018 - 21:37 | 15-09-2006 - 19:07 | |
CVE-2006-4565 | 9.3 |
Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression
|
17-10-2018 - 21:37 | 15-09-2006 - 18:07 | |
CVE-2006-4566 | 5.0 |
Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character
|
17-10-2018 - 21:37 | 15-09-2006 - 18:07 | |
CVE-2006-4343 | 4.3 |
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer derefer
|
17-10-2018 - 21:36 | 28-09-2006 - 18:07 | |
CVE-2006-4338 | 5.0 |
unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
|
17-10-2018 - 21:35 | 19-09-2006 - 21:07 | |
CVE-2006-4337 | 7.5 |
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2006-4330 | 4.3 |
Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
|
17-10-2018 - 21:34 | 24-08-2006 - 20:04 | |
CVE-2006-4333 | 5.4 |
The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.
|
17-10-2018 - 21:34 | 24-08-2006 - 20:04 | |
CVE-2006-4335 | 7.5 |
Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2006-4336 | 7.5 |
Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted leaf count table that causes a write to a negative index.
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2006-4334 | 5.0 |
Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (crash) via a crafted GZIP (gz) archive, which results in a NULL dereference.
|
17-10-2018 - 21:34 | 19-09-2006 - 21:07 | |
CVE-2006-4096 | 5.0 |
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.
|
17-10-2018 - 21:33 | 06-09-2006 - 00:04 | |
CVE-2006-4144 | 2.6 |
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values
|
17-10-2018 - 21:33 | 15-08-2006 - 23:04 | |
CVE-2006-4145 | 4.9 |
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.
|
17-10-2018 - 21:33 | 21-08-2006 - 19:04 | |
CVE-2006-4168 | 6.8 |
Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, whic
|
17-10-2018 - 21:33 | 14-06-2007 - 19:30 | |
CVE-2006-4019 | 6.4 |
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users. This vulnerability is addressed
|
17-10-2018 - 21:32 | 11-08-2006 - 21:04 | |
CVE-2006-3809 | 7.5 |
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a p
|
17-10-2018 - 21:31 | 27-07-2006 - 20:04 | |
CVE-2006-3811 | 7.5 |
Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory cor
|
17-10-2018 - 21:31 | 27-07-2006 - 20:04 | |
CVE-2006-3808 | 7.5 |
Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.
|
17-10-2018 - 21:31 | 27-07-2006 - 20:04 | |
CVE-2006-3812 | 2.6 |
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to reference remote files and possibly load chrome: URLs by tricking the user into copying or dragging links.
|
17-10-2018 - 21:31 | 29-07-2006 - 00:04 | |
CVE-2006-3810 | 6.8 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
|
17-10-2018 - 21:31 | 27-07-2006 - 20:04 | |
CVE-2006-3805 | 7.5 |
The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object
|
17-10-2018 - 21:30 | 27-07-2006 - 20:04 | |
CVE-2006-3806 | 7.5 |
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSourc
|
17-10-2018 - 21:30 | 27-07-2006 - 19:04 | |
CVE-2006-3807 | 7.5 |
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and callin
|
17-10-2018 - 21:30 | 27-07-2006 - 19:04 | |
CVE-2006-3803 | 5.1 |
Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temp
|
17-10-2018 - 21:30 | 27-07-2006 - 19:04 | |
CVE-2006-3801 | 7.5 |
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.
|
17-10-2018 - 21:30 | 27-07-2006 - 20:04 | |
CVE-2006-3802 | 5.8 |
Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-lev
|
17-10-2018 - 21:30 | 27-07-2006 - 20:04 | |
CVE-2006-3804 | 5.0 |
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to
|
17-10-2018 - 21:30 | 27-07-2006 - 19:04 | |
CVE-2006-3739 | 7.2 |
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-
|
17-10-2018 - 21:29 | 13-09-2006 - 01:07 | |
CVE-2006-3746 | 5.0 |
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
|
17-10-2018 - 21:29 | 28-07-2006 - 21:04 | |
CVE-2006-3745 | 7.2 |
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown at
|
17-10-2018 - 21:29 | 23-08-2006 - 19:04 | |
CVE-2006-3740 | 7.2 |
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and
|
17-10-2018 - 21:29 | 13-09-2006 - 01:07 | |
CVE-2006-3738 | 10.0 |
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers. Failed exploit attempts may crash appl
|
17-10-2018 - 21:29 | 28-09-2006 - 18:07 | |
CVE-2006-5868 | 9.3 |
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
|
17-10-2018 - 17:51 | 22-11-2006 - 01:07 | |
CVE-2006-4093 | 4.9 |
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." Upgrade to Linux Kernel version 2.4.33.1
|
17-10-2018 - 17:00 | 21-08-2006 - 21:04 | |
CVE-2007-3476 | 4.3 |
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a se
|
16-10-2018 - 16:50 | 28-06-2007 - 18:30 | |
CVE-2007-3472 | 4.3 |
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. An integer overflow exists in the "gdImageCreateTrueColor()" fun
|
16-10-2018 - 16:49 | 28-06-2007 - 18:30 | |
CVE-2007-3392 | 5.0 |
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.
|
16-10-2018 - 16:49 | 26-06-2007 - 00:30 | |
CVE-2007-3475 | 4.3 |
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
|
16-10-2018 - 16:49 | 28-06-2007 - 18:30 | |
CVE-2007-3473 | 4.3 |
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
|
16-10-2018 - 16:49 | 28-06-2007 - 18:30 | |
CVE-2007-3388 | 6.8 |
Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote at
|
16-10-2018 - 16:49 | 03-08-2007 - 20:17 | |
CVE-2007-3257 | 6.8 |
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
|
16-10-2018 - 16:48 | 19-06-2007 - 16:30 | |
CVE-2007-3377 | 4.3 |
Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as
|
16-10-2018 - 16:48 | 25-06-2007 - 21:30 | |
CVE-2007-3103 | 6.2 |
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
|
16-10-2018 - 16:47 | 15-07-2007 - 22:30 | |
CVE-2007-3089 | 4.3 |
Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript cod
|
16-10-2018 - 16:47 | 06-06-2007 - 21:30 | |
CVE-2007-3108 | 1.2 |
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
|
16-10-2018 - 16:47 | 08-08-2007 - 01:17 | |
CVE-2007-2868 | 9.3 |
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of se
|
16-10-2018 - 16:46 | 01-06-2007 - 00:30 | |
CVE-2007-2953 | 6.8 |
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, relat
|
16-10-2018 - 16:46 | 31-07-2007 - 10:17 | |
CVE-2007-2871 | 4.3 |
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: th
|
16-10-2018 - 16:46 | 01-06-2007 - 00:30 | |
CVE-2007-2870 | 4.3 |
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add
|
16-10-2018 - 16:46 | 01-06-2007 - 00:30 | |
CVE-2007-2869 | 4.3 |
The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in
|
16-10-2018 - 16:46 | 01-06-2007 - 00:30 | |
CVE-2007-2799 | 5.1 |
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an asser
|
16-10-2018 - 16:45 | 23-05-2007 - 21:30 | |
CVE-2007-2797 | 2.1 |
xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals.
|
16-10-2018 - 16:45 | 27-08-2007 - 17:17 | |
CVE-2007-2867 | 9.3 |
Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of servic
|
16-10-2018 - 16:45 | 01-06-2007 - 00:30 | |
CVE-2007-2445 | 5.0 |
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.
|
16-10-2018 - 16:43 | 16-05-2007 - 22:30 | |
CVE-2007-2447 | 6.0 |
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled,
|
16-10-2018 - 16:43 | 14-05-2007 - 21:19 | |
CVE-2007-2446 | 10.0 |
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notif
|
16-10-2018 - 16:43 | 14-05-2007 - 21:19 | |
CVE-2007-1711 | 6.8 |
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was in
|
16-10-2018 - 16:40 | 27-03-2007 - 01:19 | |
CVE-2007-1660 | 6.8 |
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service
|
16-10-2018 - 16:39 | 07-11-2007 - 23:46 | |
CVE-2007-1659 | 6.8 |
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
|
16-10-2018 - 16:39 | 07-11-2007 - 23:46 | |
CVE-2007-1558 | 2.6 |
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APO
|
16-10-2018 - 16:39 | 16-04-2007 - 22:19 | |
CVE-2007-1352 | 3.8 |
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. The vendor has addressed t
|
16-10-2018 - 16:38 | 06-04-2007 - 01:19 | |
CVE-2007-1466 | 6.8 |
Integer overflow in the WP6GeneralTextPacket::_readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary
|
16-10-2018 - 16:38 | 16-03-2007 - 21:19 | |
CVE-2007-1536 | 9.3 |
Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
|
16-10-2018 - 16:38 | 20-03-2007 - 20:19 | |
CVE-2007-1362 | 4.3 |
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter w
|
16-10-2018 - 16:38 | 01-06-2007 - 00:30 | |
CVE-2007-1351 | 8.5 |
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo
|
16-10-2018 - 16:38 | 06-04-2007 - 01:19 | |
CVE-2007-1308 | 4.3 |
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer d
|
16-10-2018 - 16:37 | 07-03-2007 - 00:19 | |
CVE-2007-1263 | 5.0 |
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a mes
|
16-10-2018 - 16:37 | 06-03-2007 - 20:19 | |
CVE-2007-1286 | 6.8 |
Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
|
16-10-2018 - 16:37 | 06-03-2007 - 20:19 | |
CVE-2007-1095 | 6.8 |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site t
|
16-10-2018 - 16:36 | 26-02-2007 - 17:28 | |
CVE-2007-0996 | 5.8 |
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated us
|
16-10-2018 - 16:36 | 27-02-2007 - 02:28 | |
CVE-2007-1003 | 9.0 |
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large
|
16-10-2018 - 16:36 | 06-04-2007 - 01:19 | |
CVE-2007-1092 | 9.3 |
Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey before 1.0.8 allow remote attackers to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize h
|
16-10-2018 - 16:36 | 26-02-2007 - 17:28 | |
CVE-2007-0995 | 4.3 |
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
|
16-10-2018 - 16:36 | 26-02-2007 - 19:28 | |
CVE-2007-0981 | 7.5 |
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the h
|
16-10-2018 - 16:35 | 16-02-2007 - 01:28 | |
CVE-2007-0779 | 6.4 |
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot
|
16-10-2018 - 16:34 | 26-02-2007 - 20:28 | |
CVE-2007-0800 | 4.3 |
Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocke
|
16-10-2018 - 16:34 | 07-02-2007 - 11:28 | |
CVE-2007-0775 | 3.7 |
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially e
|
16-10-2018 - 16:34 | 26-02-2007 - 19:28 | |
CVE-2007-0537 | 2.6 |
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags withi
|
16-10-2018 - 16:33 | 29-01-2007 - 16:28 | |
CVE-2007-0452 | 6.8 |
smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infi
|
16-10-2018 - 16:32 | 06-02-2007 - 02:28 | |
CVE-2007-0245 | 9.3 |
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten.
|
16-10-2018 - 16:32 | 12-06-2007 - 21:30 | |
CVE-2007-0238 | 9.3 |
Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long No
|
16-10-2018 - 16:31 | 21-03-2007 - 19:19 | |
CVE-2006-6899 | 5.4 |
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack.
|
16-10-2018 - 16:29 | 31-12-2006 - 05:00 | |
CVE-2007-0008 | 6.8 |
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server produc
|
16-10-2018 - 16:29 | 26-02-2007 - 20:28 | |
CVE-2005-0109 | 4.7 |
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain
|
16-10-2018 - 12:06 | 05-03-2005 - 05:00 | |
CVE-2008-0658 | 4.0 |
slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.
|
15-10-2018 - 22:02 | 13-02-2008 - 21:00 | |
CVE-2008-0591 | 4.3 |
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by
|
15-10-2018 - 22:01 | 09-02-2008 - 00:00 | |
CVE-2008-0553 | 6.8 |
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
|
15-10-2018 - 22:01 | 07-02-2008 - 21:00 | |
CVE-2008-0592 | 4.3 |
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Fir
|
15-10-2018 - 22:01 | 09-02-2008 - 00:00 | |
CVE-2008-0597 | 5.0 |
Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.
|
15-10-2018 - 22:01 | 26-02-2008 - 00:44 | |
CVE-2008-0593 | 4.3 |
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and
|
15-10-2018 - 22:01 | 09-02-2008 - 01:00 | |
CVE-2008-0417 | 4.3 |
CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password.
|
15-10-2018 - 22:00 | 08-02-2008 - 22:00 | |
CVE-2008-0420 | 9.3 |
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to re
|
15-10-2018 - 22:00 | 12-02-2008 - 03:00 | |
CVE-2008-0419 | 9.3 |
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize
|
15-10-2018 - 22:00 | 08-02-2008 - 22:00 | |
CVE-2008-0418 | 4.3 |
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome:
|
15-10-2018 - 22:00 | 08-02-2008 - 22:00 | |
CVE-2008-0412 | 9.3 |
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF
|
15-10-2018 - 21:59 | 08-02-2008 - 22:00 | |
CVE-2008-0413 | 9.3 |
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2
|
15-10-2018 - 21:59 | 08-02-2008 - 22:00 | |
CVE-2008-0415 | 4.3 |
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.lo
|
15-10-2018 - 21:59 | 08-02-2008 - 22:00 | |
CVE-2008-0072 | 6.8 |
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
|
15-10-2018 - 21:57 | 06-03-2008 - 00:44 | |
CVE-2007-6698 | 4.0 |
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerabilit
|
15-10-2018 - 21:56 | 01-02-2008 - 22:00 | |
CVE-2007-6725 | 7.5 |
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_de
|
15-10-2018 - 21:56 | 08-04-2009 - 16:30 | |
CVE-2008-0007 | 7.2 |
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
|
15-10-2018 - 21:56 | 08-02-2008 - 02:00 | |
CVE-2008-0003 | 10.0 |
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute a
|
15-10-2018 - 21:56 | 08-01-2008 - 20:46 | |
CVE-2008-0006 | 7.5 |
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the las
|
15-10-2018 - 21:56 | 18-01-2008 - 23:00 | |
CVE-2007-6600 | 6.5 |
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3)
|
15-10-2018 - 21:55 | 09-01-2008 - 21:46 | |
CVE-2007-6441 | 3.3 |
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."
|
15-10-2018 - 21:54 | 19-12-2007 - 22:46 | |
CVE-2007-6450 | 5.0 |
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
|
15-10-2018 - 21:54 | 19-12-2007 - 22:46 | |
CVE-2007-6451 | 4.3 |
Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.
|
15-10-2018 - 21:54 | 19-12-2007 - 22:46 | |
CVE-2007-6429 | 9.3 |
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by
|
15-10-2018 - 21:53 | 18-01-2008 - 23:00 | |
CVE-2007-6428 | 5.0 |
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used a
|
15-10-2018 - 21:53 | 18-01-2008 - 23:00 | |
CVE-2007-6352 | 6.8 |
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
|
15-10-2018 - 21:52 | 20-12-2007 - 02:46 | |
CVE-2007-6277 | 9.3 |
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size,
|
15-10-2018 - 21:51 | 07-12-2007 - 11:46 | |
CVE-2007-6115 | 10.0 |
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6121 | 5.0 |
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6120 | 5.0 |
The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6119 | 7.8 |
The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6114 | 10.0 |
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6116 | 5.0 |
The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6118 | 7.8 |
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6117 | 5.0 |
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages.
|
15-10-2018 - 21:50 | 23-11-2007 - 20:46 | |
CVE-2007-6067 | 6.8 |
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of se
|
15-10-2018 - 21:49 | 09-01-2008 - 21:46 | |
CVE-2007-6112 | 10.0 |
Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
|
15-10-2018 - 21:49 | 23-11-2007 - 20:46 | |
CVE-2007-6113 | 4.3 |
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
|
15-10-2018 - 21:49 | 23-11-2007 - 20:46 | |
CVE-2007-6111 | 7.1 |
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.
|
15-10-2018 - 21:49 | 23-11-2007 - 20:46 | |
CVE-2007-5971 | 6.9 |
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Information from Apple: http://docs.info.apple.com/article.html?artnum=307562
|
15-10-2018 - 21:48 | 06-12-2007 - 02:46 | |
CVE-2007-5969 | 7.1 |
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows
|
15-10-2018 - 21:48 | 10-12-2007 - 19:46 | |
CVE-2007-5958 | 5.0 |
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
|
15-10-2018 - 21:47 | 18-01-2008 - 23:00 | |
CVE-2007-5959 | 9.3 |
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.
|
15-10-2018 - 21:47 | 26-11-2007 - 23:46 | |
CVE-2007-5935 | 6.8 |
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
|
15-10-2018 - 21:47 | 13-11-2007 - 22:46 | |
CVE-2007-5947 | 4.3 |
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remot
|
15-10-2018 - 21:47 | 14-11-2007 - 01:46 | |
CVE-2007-5904 | 6.8 |
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.
|
15-10-2018 - 21:47 | 09-11-2007 - 18:46 | |
CVE-2007-5794 | 4.3 |
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was o
|
15-10-2018 - 21:46 | 13-11-2007 - 23:46 | |
CVE-2007-5899 | 4.3 |
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as
|
15-10-2018 - 21:46 | 20-11-2007 - 19:46 | |
CVE-2007-5898 | 6.4 |
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
|
15-10-2018 - 21:46 | 20-11-2007 - 18:46 | |
CVE-2007-5760 | 9.3 |
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
|
15-10-2018 - 21:46 | 18-01-2008 - 23:00 | |
CVE-2007-5846 | 7.8 |
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
|
15-10-2018 - 21:46 | 06-11-2007 - 21:46 | |
CVE-2007-5378 | 4.3 |
Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the first subimage is sm
|
15-10-2018 - 21:44 | 12-10-2007 - 01:17 | |
CVE-2007-5338 | 9.3 |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome
|
15-10-2018 - 21:43 | 21-10-2007 - 20:17 | |
CVE-2007-5337 | 4.3 |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the tar
|
15-10-2018 - 21:43 | 21-10-2007 - 20:17 | |
CVE-2007-5269 | 5.0 |
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle
|
15-10-2018 - 21:42 | 08-10-2007 - 21:17 | |
CVE-2007-5334 | 4.3 |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attr
|
15-10-2018 - 21:42 | 21-10-2007 - 20:17 | |
CVE-2007-5162 | 4.3 |
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier
|
15-10-2018 - 21:41 | 01-10-2007 - 05:17 | |
CVE-2007-5034 | 4.3 |
ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by
|
15-10-2018 - 21:40 | 21-09-2007 - 20:17 | |
CVE-2007-5116 | 7.5 |
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
|
15-10-2018 - 21:40 | 07-11-2007 - 23:46 | |
CVE-2007-5135 | 6.8 |
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue wa
|
15-10-2018 - 21:40 | 27-09-2007 - 20:17 | |