Total
16 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-3626 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2024-11-21 | 5.0 MEDIUM | N/A |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | |||||
CVE-2005-3625 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2024-11-21 | 10.0 HIGH | N/A |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." | |||||
CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2024-11-21 | 5.0 MEDIUM | N/A |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | |||||
CVE-2004-0827 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 14 Linux, Imlib, Imlib2 and 11 more | 2024-11-20 | 7.5 HIGH | N/A |
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||||
CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2024-11-20 | 2.1 LOW | N/A |
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | |||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-11-20 | 10.0 HIGH | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
CVE-2000-0438 | 4 Caldera, Slackware, Suse and 1 more | 4 Openlinux, Slackware Linux, Suse Linux and 1 more | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. | |||||
CVE-2000-0336 | 4 Mandrakesoft, Openldap, Redhat and 1 more | 4 Mandrake Linux, Openldap, Linux and 1 more | 2024-11-20 | 2.1 LOW | N/A |
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | |||||
CVE-2000-0196 | 3 Nmh, Redhat, Turbolinux | 3 Nmh, Linux, Turbolinux | 2024-11-20 | 7.5 HIGH | N/A |
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message. | |||||
CVE-2000-0186 | 4 Freebsd, Mandrakesoft, Redhat and 1 more | 4 Freebsd, Mandrake Linux, Linux and 1 more | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. | |||||
CVE-2000-0172 | 2 Matt Kimball And Roger Wolff, Turbolinux | 2 Mtr, Turbolinux | 2024-11-20 | 7.2 HIGH | N/A |
The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. | |||||
CVE-2000-0170 | 2 Redhat, Turbolinux | 2 Linux, Turbolinux | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. | |||||
CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2024-11-20 | 7.2 HIGH | N/A |
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2024-11-20 | 4.6 MEDIUM | N/A |
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. | |||||
CVE-1999-0949 | 3 Sgi, Sun, Turbolinux | 4 Irix, Solaris, Sunos and 1 more | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. | |||||
CVE-1999-0948 | 3 Sgi, Sun, Turbolinux | 4 Irix, Solaris, Sunos and 1 more | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in uum program for Canna input system allows local users to gain root privileges. |