Max CVSS 10.0 Min CVSS 1.2 Total Count448
IDCVSSSummaryLast (major) updatePublished
CVE-2005-4158 4.6
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that
19-02-2017 - 00:10 10-12-2005 - 21:03
CVE-2005-3628 7.5
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary co
19-02-2017 - 00:09 31-12-2005 - 00:00
CVE-2005-3627 7.5
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components"
19-02-2017 - 00:09 31-12-2005 - 00:00
CVE-2005-3626 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
19-02-2017 - 00:09 31-12-2005 - 00:00
CVE-2005-3625 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and
19-02-2017 - 00:09 31-12-2005 - 00:00
CVE-2005-3624 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int
19-02-2017 - 00:09 31-12-2005 - 00:00
CVE-2005-3276 2.1
The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3275 2.6
The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3274 1.2
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection tab
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3273 5.0
The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array ou
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3271 2.1
Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which results in a resource leak and could allow a large number of multiple local users to cause a denial of service by using more posix-timers than specifi
19-02-2017 - 00:09 20-10-2005 - 21:02
CVE-2005-3257 4.6
The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using
19-02-2017 - 00:09 18-10-2005 - 18:02
CVE-2005-3192 7.5
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitra
19-02-2017 - 00:09 07-12-2005 - 20:03
CVE-2005-3191 5.1
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KD
19-02-2017 - 00:09 06-12-2005 - 20:03
CVE-2005-3181 2.1
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a m
19-02-2017 - 00:09 12-10-2005 - 09:04
CVE-2005-3180 5.0
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
19-02-2017 - 00:09 12-10-2005 - 09:04
CVE-2005-3179 2.1
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.
19-02-2017 - 00:09 12-10-2005 - 09:03
CVE-2005-3055 2.1
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer ref
19-02-2017 - 00:09 26-09-2005 - 15:03
CVE-2005-3053 2.1
The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument.
19-02-2017 - 00:09 26-09-2005 - 15:03
CVE-2005-3044 2.1
Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on
19-02-2017 - 00:09 22-09-2005 - 17:03
CVE-2005-2873 2.1
The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vu
19-02-2017 - 00:09 09-09-2005 - 15:07
CVE-2005-2872 5.0
The ipt_recent kernel module (ipt_recent.c) in Linux kernel before 2.6.12, when running on 64-bit processors such as AMD64, allows remote attackers to cause a denial of service (kernel panic) via certain attacks such as SSH brute force, which leads t
19-02-2017 - 00:09 09-09-2005 - 15:07
CVE-2005-2801 5.0
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
19-02-2017 - 00:09 06-09-2005 - 13:03
CVE-2005-2800 2.1
Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, whi
19-02-2017 - 00:09 06-09-2005 - 13:03
CVE-2005-2555 4.6
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.
19-02-2017 - 00:09 16-08-2005 - 00:00
CVE-2005-2548 5.0
vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk o
19-02-2017 - 00:09 12-08-2005 - 00:00
CVE-2005-2492 3.6
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
19-02-2017 - 00:09 14-09-2005 - 15:03
CVE-2005-2490 4.6
Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread.
19-02-2017 - 00:09 14-09-2005 - 15:03
CVE-2005-2459 5.0
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointe
19-02-2017 - 00:09 23-08-2005 - 00:00
CVE-2005-2458 5.0
inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables".
19-02-2017 - 00:09 23-08-2005 - 00:00
CVE-2005-2457 5.0
The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.
19-02-2017 - 00:09 23-08-2005 - 00:00
CVE-2005-2456 2.1
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OU
19-02-2017 - 00:09 04-08-2005 - 00:00
CVE-2005-2099 5.0
The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which caus
19-02-2017 - 00:08 23-08-2005 - 00:00
CVE-2005-2098 5.0
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore
19-02-2017 - 00:08 23-08-2005 - 00:00
CVE-2005-1764 2.1
Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.
19-02-2017 - 00:08 07-10-2005 - 14:02
CVE-2005-1589 7.2
The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space
19-02-2017 - 00:08 17-05-2005 - 00:00
CVE-2005-0210 4.9
Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice.
19-02-2017 - 00:07 02-05-2005 - 00:00
CVE-2005-0180 3.6
Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before callin
19-02-2017 - 00:07 07-03-2005 - 00:00
CVE-2004-2302 2.6
Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.
19-02-2017 - 00:07 31-12-2004 - 00:00
CVE-2004-1333 2.1
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
19-02-2017 - 00:06 15-12-2004 - 00:00
CVE-2005-3193 5.1
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-
19-12-2016 - 21:59 06-12-2005 - 19:03
CVE-2005-0064 7.5
Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.
19-12-2016 - 21:59 02-05-2005 - 00:00
CVE-2005-2491 7.5
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, whic
15-12-2016 - 21:59 23-08-2005 - 00:00
CVE-2005-3883 5.0
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
07-12-2016 - 22:00 29-11-2005 - 06:03
CVE-2005-3392 7.5
Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
07-12-2016 - 22:00 01-11-2005 - 07:47
CVE-2005-3391 7.5
Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.
07-12-2016 - 22:00 01-11-2005 - 07:47
CVE-2005-3390 7.5
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST reque
07-12-2016 - 22:00 01-11-2005 - 07:47
CVE-2005-3389 5.0
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting,
07-12-2016 - 22:00 01-11-2005 - 07:47
CVE-2005-3388 4.3
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
07-12-2016 - 22:00 01-11-2005 - 07:47
CVE-2005-3353 5.0
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
07-12-2016 - 22:00 18-11-2005 - 18:03
CVE-2005-3319 2.1
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file
07-12-2016 - 22:00 27-10-2005 - 06:02
CVE-2005-2970 5.0
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused f
07-12-2016 - 22:00 25-10-2005 - 13:06
CVE-2005-2798 5.0
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
07-12-2016 - 22:00 06-09-2005 - 13:03
CVE-2005-2558 4.6
Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name
07-12-2016 - 22:00 16-08-2005 - 00:00
CVE-2005-2495 5.1
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
07-12-2016 - 22:00 15-09-2005 - 16:03
CVE-2005-1705 7.2
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
07-12-2016 - 22:00 24-05-2005 - 00:00
CVE-2005-1704 4.6
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of sect
07-12-2016 - 22:00 24-05-2005 - 00:00
CVE-2004-1067 10.0
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1064 10.0
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before public
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1063 10.0
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1056 6.4
Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1018 10.0
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underfl
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1016 2.1
The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a de
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1014 5.0
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1013 10.0
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-1012 10.0
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index in
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-0990 10.0
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-
07-12-2016 - 21:59 01-03-2005 - 00:00
CVE-2004-0989 10.0
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy
07-12-2016 - 21:59 01-03-2005 - 00:00
CVE-2004-0986 7.5
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
07-12-2016 - 21:59 01-03-2005 - 00:00
CVE-2004-0981 10.0
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0977 2.1
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0968 2.1
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0967 7.2
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary fi
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0966 2.1
The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary file
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0957 6.8
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0949 6.4
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-0941 10.0
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0930 5.0
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
07-12-2016 - 21:59 27-01-2005 - 00:00
CVE-2004-0891 10.0
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbound
07-12-2016 - 21:59 27-01-2005 - 00:00
CVE-2004-0888 10.0
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabili
07-12-2016 - 21:59 27-01-2005 - 00:00
CVE-2004-0452 2.6
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symli
07-12-2016 - 21:59 21-12-2004 - 00:00
CVE-2005-3357 5.4
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers
21-11-2016 - 21:59 31-12-2005 - 00:00
CVE-2005-2700 10.0
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass inten
21-11-2016 - 21:59 06-09-2005 - 19:03
CVE-2005-0211 7.5
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length pa
07-11-2016 - 17:29 02-05-2005 - 00:00
CVE-2004-1019 10.0
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free
25-10-2016 - 21:59 10-01-2005 - 00:00
CVE-2005-3962 4.6
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an int
17-10-2016 - 23:37 01-12-2005 - 12:03
CVE-2005-3393 7.5
Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.
17-10-2016 - 23:35 01-11-2005 - 07:47
CVE-2005-3178 5.1
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
17-10-2016 - 23:33 07-10-2005 - 14:02
CVE-2005-3088 2.1
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords.
17-10-2016 - 23:32 27-10-2005 - 06:02
CVE-2005-2876 7.2
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just
17-10-2016 - 23:31 13-09-2005 - 19:03
CVE-2005-2871 7.5
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with al
17-10-2016 - 23:31 09-09-2005 - 14:03
CVE-2005-2820 4.3
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "[if]" and "[endif]".
17-10-2016 - 23:30 07-09-2005 - 15:07
CVE-2005-2769 4.3
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain ">" or other special characters, which
17-10-2016 - 23:30 02-09-2005 - 19:03
CVE-2005-2724 4.3
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the deve
17-10-2016 - 23:29 30-08-2005 - 07:45
CVE-2005-2498 5.0
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certai
17-10-2016 - 23:27 15-08-2005 - 00:00
CVE-2005-2494 7.2
kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files.
17-10-2016 - 23:27 06-09-2005 - 19:03
CVE-2005-2475 1.2
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
17-10-2016 - 23:27 05-08-2005 - 00:00
CVE-2005-2448 5.0
Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.
17-10-2016 - 23:27 03-08-2005 - 00:00
CVE-2005-2370 5.0
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
17-10-2016 - 23:26 26-07-2005 - 00:00
CVE-2005-2369 7.5
Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.
17-10-2016 - 23:26 26-07-2005 - 00:00
CVE-2005-2088 4.3
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfe
17-10-2016 - 23:24 05-07-2005 - 00:00
CVE-2005-1921 7.5
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) Mail
17-10-2016 - 23:23 05-07-2005 - 00:00
CVE-2005-1920 5.0
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive info
17-10-2016 - 23:23 26-07-2005 - 00:00
CVE-2005-1916 2.1
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files.
17-10-2016 - 23:23 06-07-2005 - 00:00
CVE-2005-1852 7.5
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an
17-10-2016 - 23:23 26-07-2005 - 00:00
CVE-2005-1851 10.0
A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors.
17-10-2016 - 23:23 19-07-2005 - 00:00
CVE-2005-1850 10.0
Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916.
17-10-2016 - 23:23 19-07-2005 - 00:00
CVE-2005-1759 1.2
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751.
17-10-2016 - 23:22 28-06-2005 - 00:00
CVE-2005-1751 3.7
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759.
17-10-2016 - 23:22 25-05-2005 - 00:00
CVE-2005-1686 2.6
Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user,
17-10-2016 - 23:21 20-05-2005 - 00:00
CVE-2005-1264 7.2
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2
17-10-2016 - 23:18 17-05-2005 - 00:00
CVE-2005-1229 4.6
Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.
17-10-2016 - 23:18 02-05-2005 - 00:00
CVE-2005-1228 5.0
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
17-10-2016 - 23:18 02-05-2005 - 00:00
CVE-2005-1111 3.7
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
17-10-2016 - 23:17 02-05-2005 - 00:00
CVE-2005-1041 2.1
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.
17-10-2016 - 23:16 02-05-2005 - 00:00
CVE-2005-0966 6.4
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and po
17-10-2016 - 23:16 02-05-2005 - 00:00
CVE-2005-0965 5.0
The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
17-10-2016 - 23:16 02-05-2005 - 00:00
CVE-2005-0953 3.7
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
17-10-2016 - 23:15 02-05-2005 - 00:00
CVE-2005-0754 7.5
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
17-10-2016 - 23:14 22-04-2005 - 00:00
CVE-2005-0750 7.2
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
17-10-2016 - 23:14 27-03-2005 - 00:00
CVE-2005-0710 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is pr
17-10-2016 - 23:13 02-05-2005 - 00:00
CVE-2005-0709 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
17-10-2016 - 23:13 02-05-2005 - 00:00
CVE-2005-0602 6.2
Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0591 2.6
Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing."
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0546 7.5
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow i
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0532 2.1
The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0531 2.1
The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow local users to trigger a buffer overflow via negative arguments.
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0530 2.1
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0529 2.1
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a po
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0490 5.1
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not
17-10-2016 - 23:11 02-05-2005 - 00:00
CVE-2005-0473 5.0
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
17-10-2016 - 23:11 14-03-2005 - 00:00
CVE-2005-0472 5.0
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
17-10-2016 - 23:11 14-03-2005 - 00:00
CVE-2005-0446 5.0
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure
17-10-2016 - 23:11 02-05-2005 - 00:00
CVE-2005-0401 5.1
FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollba
17-10-2016 - 23:11 02-05-2005 - 00:00
CVE-2005-0400 2.1
The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.
17-10-2016 - 23:11 02-05-2005 - 00:00
CVE-2005-0397 7.5
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filen
17-10-2016 - 23:11 02-05-2005 - 00:00
CVE-2005-0247 6.5
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO var
17-10-2016 - 23:09 02-05-2005 - 00:00
CVE-2005-0246 5.0
The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays.
17-10-2016 - 23:09 02-05-2005 - 00:00
CVE-2005-0245 7.5
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE
17-10-2016 - 23:09 01-02-2005 - 00:00
CVE-2005-0244 6.5
PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command.
17-10-2016 - 23:09 02-05-2005 - 00:00
CVE-2005-0233 7.5
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homog
17-10-2016 - 23:08 08-02-2005 - 00:00
CVE-2005-0232 2.6
Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain s
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0231 2.6
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
17-10-2016 - 23:08 07-02-2005 - 00:00
CVE-2005-0230 5.1
Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execu
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0209 7.8
Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0208 5.0
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0202 5.0
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are inten
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0194 10.0
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended AC
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0178 6.2
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.
17-10-2016 - 23:08 07-03-2005 - 00:00
CVE-2005-0177 7.8
nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a denial of service (kernel crash) via a buffer overflow.
17-10-2016 - 23:08 07-03-2005 - 00:00
CVE-2005-0176 5.0
The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
17-10-2016 - 23:08 15-02-2005 - 00:00
CVE-2005-0175 5.0
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
17-10-2016 - 23:08 07-02-2005 - 00:00
CVE-2005-0174 5.0
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not
17-10-2016 - 23:08 07-02-2005 - 00:00
CVE-2005-0173 7.5
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0156 2.1
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long
17-10-2016 - 23:08 07-02-2005 - 00:00
CVE-2005-0155 4.6
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
17-10-2016 - 23:08 02-05-2005 - 00:00
CVE-2005-0109 4.7
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain
17-10-2016 - 23:07 05-03-2005 - 00:00
CVE-2005-0100 7.5
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
17-10-2016 - 23:07 07-02-2005 - 00:00
CVE-2005-0089 7.5
The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0088 7.5
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0077 2.1
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0069 4.6
The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files.
17-10-2016 - 23:07 13-01-2005 - 00:00
CVE-2005-0022 4.6
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0005 7.5
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2005-0004 4.6
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
17-10-2016 - 23:07 14-04-2005 - 00:00
CVE-2005-0001 6.9
Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same vir
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2004-2014 2.6
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.
17-10-2016 - 23:04 31-12-2004 - 00:00
CVE-2004-1488 5.0
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.
17-10-2016 - 22:55 27-04-2005 - 00:00
CVE-2004-1487 5.0
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.
17-10-2016 - 22:55 27-04-2005 - 00:00
CVE-2004-1337 7.2
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
17-10-2016 - 22:53 23-12-2004 - 00:00
CVE-2004-1235 6.2
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
17-10-2016 - 22:52 14-04-2005 - 00:00
CVE-2004-1189 7.2
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an arr
17-10-2016 - 22:52 31-12-2004 - 00:00
CVE-2004-1183 5.1
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
17-10-2016 - 22:52 06-01-2005 - 00:00
CVE-2004-1177 4.3
Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.
17-10-2016 - 22:52 10-01-2005 - 00:00
CVE-2004-1151 7.2
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1138 7.2
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) s
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1137 10.0
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a co
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1125 9.3
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1074 2.1
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1069 1.2
Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1068 6.2
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-1010 10.0
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
17-10-2016 - 22:50 01-03-2005 - 00:00
CVE-2004-0976 2.1
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
17-10-2016 - 22:50 09-02-2005 - 00:00
CVE-2004-0942 5.0
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
17-10-2016 - 22:50 09-02-2005 - 00:00
CVE-2004-0918 5.0
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory al
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0889 10.0
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by C
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0885 7.5
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host config
17-10-2016 - 22:49 03-11-2004 - 00:00
CVE-2004-0883 6.4
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requ
17-10-2016 - 22:49 10-01-2005 - 00:00
CVE-2004-0882 10.0
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0837 2.6
MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
17-10-2016 - 22:49 03-11-2004 - 00:00
CVE-2004-0836 10.0
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length
17-10-2016 - 22:49 03-11-2004 - 00:00
CVE-2004-0814 1.2
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote a
17-10-2016 - 22:49 23-12-2004 - 00:00
CVE-2004-0783 7.5
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifie
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0782 7.5
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0718 7.5
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other
17-10-2016 - 22:48 27-07-2004 - 00:00
CVE-2004-0700 7.5
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages f
17-10-2016 - 22:48 27-07-2004 - 00:00
CVE-2004-0688 7.5
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a
17-10-2016 - 22:47 20-10-2004 - 00:00
CVE-2004-0687 7.5
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
17-10-2016 - 22:47 20-10-2004 - 00:00
CVE-2004-0599 5.0
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (applic
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0176 5.0
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2003-0190 5.0
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-1999-1572 2.1
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files
17-10-2016 - 22:06 16-07-1996 - 00:00
CVE-2005-0448 1.2
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
23-10-2013 - 21:44 02-05-2005 - 00:00
CVE-2005-3246 5.0
Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI, (2) sFlow, or (3) RTnet dissectors.
10-09-2013 - 00:47 27-10-2005 - 06:02
CVE-2005-0752 7.5
The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.
28-08-2013 - 00:40 18-04-2005 - 00:00
CVE-2005-0588 5.0
Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system.
22-08-2013 - 00:38 02-05-2005 - 00:00
CVE-2005-1992 7.5
The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands.
21-08-2013 - 00:42 20-06-2005 - 00:00
CVE-2005-1279 5.0
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.
19-08-2013 - 00:40 02-05-2005 - 00:00
CVE-2005-0584 2.6
Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks.
27-07-2013 - 00:38 02-05-2005 - 00:00
CVE-2005-3352 4.3
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
17-07-2013 - 10:37 13-12-2005 - 15:03
CVE-2005-1913 2.1
The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leade
17-07-2013 - 10:30 14-09-2005 - 15:03
CVE-2005-2096 7.5
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted
30-10-2012 - 21:48 06-07-2005 - 00:00
CVE-2005-0756 2.1
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).
19-03-2012 - 00:00 08-06-2005 - 00:00
CVE-2005-4459 10.0
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (
17-10-2011 - 00:00 21-12-2005 - 15:03
CVE-2005-4048 7.5
Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbi
17-10-2011 - 00:00 07-12-2005 - 06:03
CVE-2005-2976 7.5
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-200
12-10-2011 - 00:00 18-11-2005 - 01:03
CVE-2005-2929 7.5
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
06-10-2011 - 00:00 18-11-2005 - 01:03
CVE-2005-4077 4.6
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prev
08-09-2011 - 00:00 07-12-2005 - 20:03
CVE-2005-2972 5.1
Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getC
06-09-2011 - 00:00 23-10-2005 - 06:02
CVE-2005-2959 4.6
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though oth
28-07-2011 - 00:00 25-10-2005 - 12:02
CVE-2005-3011 1.2
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
25-07-2011 - 00:00 21-09-2005 - 16:03
CVE-2005-4268 3.7
Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.
18-07-2011 - 21:33 15-12-2005 - 13:11
CVE-2005-3501 4.3
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero le
14-07-2011 - 00:00 05-11-2005 - 06:02
CVE-2005-0989 5.0
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
11-07-2011 - 00:00 02-05-2005 - 00:00
CVE-2005-2975 7.8
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
20-06-2011 - 00:00 18-11-2005 - 01:03
CVE-2005-2966 5.1
The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
16-06-2011 - 00:00 05-10-2005 - 17:02
CVE-2005-2177 5.0
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an
19-05-2011 - 00:00 11-07-2005 - 00:00
CVE-2006-0162 7.5
Heap-based buffer overflow in libclamav/upx.c in Clam Antivirus (ClamAV) before 0.88 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted UPX files.
07-03-2011 - 21:29 10-01-2006 - 14:03
CVE-2006-0106 7.5
gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, implement the SETABORTPROC GDI Escape function call for Windows Metafile (WMF) files, which allows attackers to execute arbitrary code, the same vulnerability as CVE-2005-4560 but
07-03-2011 - 21:29 06-01-2006 - 13:03
CVE-2005-4585 7.8
Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
07-03-2011 - 21:28 29-12-2005 - 06:03
CVE-2005-4470 7.5
Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negativ
07-03-2011 - 21:28 21-12-2005 - 19:03
CVE-2005-4348 7.8
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
07-03-2011 - 21:28 20-12-2005 - 19:03
CVE-2005-3912 7.5
Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary
07-03-2011 - 21:27 30-11-2005 - 06:03
CVE-2005-3651 7.5
Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets.
07-03-2011 - 21:26 10-12-2005 - 06:03
CVE-2005-3632 4.6
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
07-03-2011 - 21:26 21-11-2005 - 17:03
CVE-2005-3573 5.0
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).
07-03-2011 - 21:26 16-11-2005 - 02:42
CVE-2005-3539 7.5
Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and
07-03-2011 - 21:26 31-12-2005 - 00:00
CVE-2005-3538 7.5
hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges.
07-03-2011 - 21:26 31-12-2005 - 00:00
CVE-2005-3531 2.1
fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters.
07-03-2011 - 21:26 22-11-2005 - 19:03
CVE-2005-3500 5.0
The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the sa
07-03-2011 - 21:26 05-11-2005 - 06:02
CVE-2005-3351 5.0
SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl.
07-03-2011 - 21:26 20-11-2005 - 16:03
CVE-2005-3350 7.5
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
07-03-2011 - 21:26 03-11-2005 - 19:02
CVE-2005-3303 7.5
The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file.
07-03-2011 - 21:26 05-11-2005 - 06:02
CVE-2005-3256 5.0
The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message.
07-03-2011 - 21:26 18-10-2005 - 17:02
CVE-2005-3186 7.5
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer o
07-03-2011 - 21:25 18-11-2005 - 01:03
CVE-2005-3149 4.6
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.
07-03-2011 - 21:25 05-10-2005 - 18:02
CVE-2005-3054 2.1
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directori
07-03-2011 - 21:25 26-09-2005 - 15:03
CVE-2005-3042 7.5
miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
07-03-2011 - 21:25 22-09-2005 - 06:03
CVE-2005-2978 7.5
pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modif
07-03-2011 - 21:25 18-10-2005 - 18:02
CVE-2005-2974 2.6
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
07-03-2011 - 21:25 03-11-2005 - 19:02
CVE-2005-2969 5.0
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allow
07-03-2011 - 21:25 18-10-2005 - 17:02
CVE-2005-2968 7.5
Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.
07-03-2011 - 21:25 20-09-2005 - 18:03
CVE-2005-2728 5.0
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.
07-03-2011 - 21:24 30-08-2005 - 07:45
CVE-2005-2707 5.0
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2706 6.4
Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2705 7.5
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2704 5.0
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2703 5.0
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smugglin
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2702 7.5
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2701 7.5
Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.
07-03-2011 - 21:24 23-09-2005 - 15:03
CVE-2005-2496 4.6
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
07-03-2011 - 21:24 02-09-2005 - 13:03
CVE-2005-2337 7.5
Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).
07-03-2011 - 21:24 07-10-2005 - 19:02
CVE-2005-2335 5.0
Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifie
07-03-2011 - 21:24 27-07-2005 - 00:00
CVE-2005-2270 7.5
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2269 7.5
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2268 2.6
Firefox before 1.0.5 and Mozilla before 1.7.9 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "D
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2267 7.5
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may le
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2266 5.0
Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensit
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2265 5.0
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2264 7.5
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2263 5.0
The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which ca
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2262 5.1
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a java
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2261 7.5
Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.
07-03-2011 - 21:23 13-07-2005 - 00:00
CVE-2005-2260 7.5
The browser user interface in Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 does not properly distinguish between user-generated events and untrusted synthetic events, which makes it easier for remote attackers to perform dan
07-03-2011 - 21:23 13-07-2005 - 00:00
CVE-2005-2097 2.1
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when
07-03-2011 - 21:23 16-08-2005 - 00:00
CVE-2005-1993 3.7
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
07-03-2011 - 21:23 20-06-2005 - 00:00
CVE-2005-1937 2.6
A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of another site, aka the frame injection spoofing vulnerability, a re-introduction of a vulnerability that wa
07-03-2011 - 21:23 14-06-2005 - 00:00
CVE-2005-1849 5.0
inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
07-03-2011 - 21:22 26-07-2005 - 00:00
CVE-2005-1767 2.1
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
07-03-2011 - 21:22 05-08-2005 - 00:00
CVE-2005-1762 2.1
The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.
07-03-2011 - 21:22 02-08-2005 - 00:00
CVE-2005-1532 7.5
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a va
07-03-2011 - 21:22 12-05-2005 - 00:00
CVE-2005-1531 7.5
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL
07-03-2011 - 21:22 12-05-2005 - 00:00
CVE-2005-1519 6.4
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
07-03-2011 - 21:22 11-05-2005 - 00:00
CVE-2005-1410 2.1
The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause
07-03-2011 - 21:21 03-05-2005 - 00:00
CVE-2005-1409 7.5
PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."
07-03-2011 - 21:21 03-05-2005 - 00:00
CVE-2005-1268 5.0
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one
07-03-2011 - 21:21 05-08-2005 - 00:00
CVE-2005-1263 7.2
The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables
07-03-2011 - 21:21 11-05-2005 - 00:00
CVE-2005-1262 5.0
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
07-03-2011 - 21:21 11-05-2005 - 00:00
CVE-2005-1261 7.5
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
07-03-2011 - 21:21 11-05-2005 - 00:00
CVE-2005-1260 5.0
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
07-03-2011 - 21:21 19-05-2005 - 00:00
CVE-2005-1160 5.1
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval func
07-03-2011 - 21:21 02-05-2005 - 00:00
CVE-2005-1159 7.5
The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the w
07-03-2011 - 21:21 02-05-2005 - 00:00
CVE-2005-1046 7.5
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
07-03-2011 - 21:21 02-05-2005 - 00:00
CVE-2005-0988 3.7
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip af
07-03-2011 - 21:20 02-05-2005 - 00:00
CVE-2005-0815 6.4
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
07-03-2011 - 21:20 02-05-2005 - 00:00
CVE-2005-0758 4.6
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
07-03-2011 - 21:20 13-05-2005 - 00:00
CVE-2005-0592 7.5
Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string t
07-03-2011 - 21:20 25-03-2005 - 00:00
CVE-2005-0590 5.0
The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequen
07-03-2011 - 21:20 02-05-2005 - 00:00
CVE-2005-0587 2.6
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.
07-03-2011 - 21:20 25-03-2005 - 00:00
CVE-2005-0525 5.0
The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which c
07-03-2011 - 21:20 02-05-2005 - 00:00
CVE-2005-0524 5.0
The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.
07-03-2011 - 21:20 02-05-2005 - 00:00
CVE-2005-0402 2.6
Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.
07-03-2011 - 21:19 02-05-2005 - 00:00
CVE-2005-0399 5.1
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a
07-03-2011 - 21:19 02-05-2005 - 00:00
CVE-2005-0398 5.0
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
07-03-2011 - 21:19 14-03-2005 - 00:00
CVE-2005-0255 5.0
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers
07-03-2011 - 21:19 02-05-2005 - 00:00
CVE-2005-0142 2.1
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. conten
07-03-2011 - 21:19 02-05-2005 - 00:00
CVE-2004-1058 1.2
Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.
07-03-2011 - 21:16 10-01-2005 - 00:00
CVE-2004-0827 7.5
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3)
07-03-2011 - 21:16 16-09-2004 - 00:00
CVE-2005-3662 4.6
Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
07-03-2011 - 00:00 17-11-2005 - 21:02
CVE-2005-3656 10.0
Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the us
07-03-2011 - 00:00 31-12-2005 - 00:00
CVE-2005-3185 7.5
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary co
07-03-2011 - 00:00 13-10-2005 - 18:02
CVE-2005-2471 7.5
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.
30-11-2010 - 00:00 05-08-2005 - 00:00
CVE-2005-3313 5.0
The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).
21-08-2010 - 00:33 01-11-2005 - 07:47
CVE-2005-3249 6.4
Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer.
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3248 5.0
Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (divide-by-zero) via unknown vectors.
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3247 5.0
The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3245 5.0
Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption).
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3244 5.0
The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3243 7.5
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3242 5.0
Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled.
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3241 5.0
Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector.
21-08-2010 - 00:33 27-10-2005 - 06:02
CVE-2005-3184 10.0
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
21-08-2010 - 00:33 20-10-2005 - 19:02
CVE-2005-3183 4.3
The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.
21-08-2010 - 00:33 12-10-2005 - 18:02
CVE-2005-3120 7.5
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
21-08-2010 - 00:33 17-10-2005 - 16:06
CVE-2005-3110 2.6
Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-3108 2.1
mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-3107 2.1
fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-3106 1.2
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just per
21-08-2010 - 00:33 30-09-2005 - 06:05
CVE-2005-2917 5.0
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
21-08-2010 - 00:32 30-09-2005 - 14:05
CVE-2005-2796 5.0
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.
21-08-2010 - 00:32 07-09-2005 - 14:03
CVE-2005-2794 5.0
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
21-08-2010 - 00:32 07-09-2005 - 14:03
CVE-2005-2103 7.5
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %
21-08-2010 - 00:30 16-08-2005 - 00:00
CVE-2005-2102 5.0
The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
21-08-2010 - 00:30 16-08-2005 - 00:00
CVE-2005-2069 5.0
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers t
21-08-2010 - 00:30 30-06-2005 - 00:00
CVE-2005-1934 5.0
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
21-08-2010 - 00:29 19-05-2005 - 00:00
CVE-2005-1431 5.0
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
21-08-2010 - 00:28 03-05-2005 - 00:00
CVE-2005-1345 7.5
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
21-08-2010 - 00:28 02-05-2005 - 00:00
CVE-2005-1280 5.0
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
21-08-2010 - 00:28 02-05-2005 - 00:00
CVE-2005-1278 5.0
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
21-08-2010 - 00:28 02-05-2005 - 00:00
CVE-2005-1275 5.0
Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.
21-08-2010 - 00:28 25-04-2005 - 00:00
CVE-2005-1269 5.0
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
21-08-2010 - 00:28 16-06-2005 - 00:00
CVE-2005-1267 5.0
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
21-08-2010 - 00:28 10-06-2005 - 00:00
CVE-2005-1265 2.1
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).
21-08-2010 - 00:28 16-06-2005 - 00:00
CVE-2005-1194 4.6
Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.
21-08-2010 - 00:28 04-05-2005 - 00:00
CVE-2005-1158 5.0
Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-1157 7.5
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-1156 7.5
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-1154 7.5
Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site sc
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-1153 7.5
Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-1043 5.0
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
21-08-2010 - 00:27 14-04-2005 - 00:00
CVE-2005-1042 7.5
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0967 5.0
Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0941 5.1
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0937 1.2
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is exe
21-08-2010 - 00:27 22-02-2005 - 00:00
CVE-2005-0891 5.0
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0867 7.2
Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0839 7.2
Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0806 5.0
Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0753 7.5
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
21-08-2010 - 00:26 18-04-2005 - 00:00
CVE-2005-0749 7.2
The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer.
21-08-2010 - 00:26 01-04-2005 - 00:00
CVE-2005-0736 2.1
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
21-08-2010 - 00:26 09-03-2005 - 00:00
CVE-2005-0718 5.0
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.
21-08-2010 - 00:26 14-04-2005 - 00:00
CVE-2005-0711 2.1
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0626 2.6
Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.
21-08-2010 - 00:26 08-03-2005 - 00:00
CVE-2005-0605 7.5
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
21-08-2010 - 00:26 02-03-2005 - 00:00
CVE-2005-0593 2.6
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which caus
21-08-2010 - 00:26 04-03-2005 - 00:00
CVE-2005-0589 5.0
The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0586 2.6
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0585 2.6
Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks.
21-08-2010 - 00:26 25-03-2005 - 00:00
CVE-2005-0578 2.1
Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0469 7.5
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0384 5.0
Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
21-08-2010 - 00:25 15-03-2005 - 00:00
CVE-2005-0201 2.1
D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket.
21-08-2010 - 00:25 29-06-2005 - 00:00
CVE-2005-0147 7.5
Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
21-08-2010 - 00:25 02-05-2005 - 00:00
CVE-2005-0146 5.0
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.
21-08-2010 - 00:25 02-05-2005 - 00:00
CVE-2005-0144 2.6
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
21-08-2010 - 00:25 02-05-2005 - 00:00
CVE-2005-0143 2.6
Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.
21-08-2010 - 00:25 23-03-2005 - 00:00
CVE-2005-0141 2.6
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
21-08-2010 - 00:25 02-05-2005 - 00:00
CVE-2005-0102 7.2
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
21-08-2010 - 00:25 24-01-2005 - 00:00
CVE-2005-0097 5.0
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
21-08-2010 - 00:25 11-01-2005 - 00:00
CVE-2005-0096 5.0
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).
21-08-2010 - 00:25 25-01-2005 - 00:00
CVE-2005-0095 5.0
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU
21-08-2010 - 00:25 15-01-2005 - 00:00
CVE-2005-0094 5.0
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
21-08-2010 - 00:25 15-01-2005 - 00:00
CVE-2005-0021 7.2
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function,
21-08-2010 - 00:25 02-05-2005 - 00:00
CVE-2004-2154 7.5
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
21-08-2010 - 00:23 31-12-2004 - 00:00
CVE-2004-1308 10.0
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a h
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1287 10.0
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1270 2.1
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1269 5.0
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1268 2.1
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1267 6.5
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-1186 5.0
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
21-08-2010 - 00:22 31-12-2004 - 00:00
CVE-2004-1185 7.5
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
21-08-2010 - 00:22 21-01-2005 - 00:00
CVE-2004-1184 4.6
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
21-08-2010 - 00:21 21-01-2005 - 00:00
CVE-2004-1156 4.3
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up windo
21-08-2010 - 00:21 31-12-2004 - 00:00
CVE-2004-1154 10.0
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of securit
21-08-2010 - 00:21 10-01-2005 - 00:00
CVE-2004-1065 10.0
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
21-08-2010 - 00:21 10-01-2005 - 00:00
CVE-2004-1026 10.0
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image f
21-08-2010 - 00:21 10-01-2005 - 00:00
CVE-2004-1025 10.0
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
21-08-2010 - 00:21 10-01-2005 - 00:00
CVE-2004-0983 5.0
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
21-08-2010 - 00:21 01-03-2005 - 00:00
CVE-2004-0975 2.1
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
21-08-2010 - 00:21 09-02-2005 - 00:00
CVE-2004-0972 2.1
The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
21-08-2010 - 00:21 09-02-2005 - 00:00
CVE-2004-0832 5.0
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be
21-08-2010 - 00:21 03-11-2004 - 00:00
CVE-2004-0788 5.0
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0753 5.0
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2005-4153 7.8
Mailman 2.1.4 through 2.1.6 allows remote attackers to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573.
21-08-2010 - 00:00 10-12-2005 - 21:03
CVE-2005-3109 2.1
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.
21-08-2010 - 00:00 30-09-2005 - 06:05
CVE-2005-1155 7.5
The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking."
21-08-2010 - 00:00 02-05-2005 - 00:00
CVE-2004-0914 10.0
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) m
21-08-2010 - 00:00 10-01-2005 - 00:00
CVE-2006-0151 7.2
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
02-04-2010 - 02:36 09-01-2006 - 18:03
CVE-2005-4828 6.4
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this
02-04-2010 - 02:31 31-12-2005 - 00:00
CVE-2005-3587 10.0
Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors.
02-04-2010 - 02:06 16-11-2005 - 02:42
CVE-2005-3343 4.6
tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
02-04-2010 - 01:56 27-12-2005 - 18:03
CVE-2005-3239 7.8
The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree f
02-04-2010 - 01:50 14-10-2005 - 15:02
CVE-2005-3137 2.1
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.
02-04-2010 - 01:38 05-10-2005 - 15:02
CVE-2005-2960 2.1
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
02-04-2010 - 01:35 05-10-2005 - 15:02
CVE-2005-2958 7.5
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
02-04-2010 - 01:35 25-10-2005 - 12:02
CVE-2005-1544 7.5
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.
05-03-2010 - 00:33 14-05-2005 - 00:00
CVE-2005-0106 4.6
SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file.
13-11-2009 - 00:39 03-05-2005 - 00:00
CVE-2005-4604 10.0
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable.
12-11-2009 - 00:51 31-12-2005 - 00:00
CVE-2005-2946 5.0
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signatur
07-01-2009 - 00:00 16-09-2005 - 18:03
CVE-2005-1195 7.5
Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious ser
15-11-2008 - 00:46 02-05-2005 - 00:00
CVE-2005-2971 7.5
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
10-09-2008 - 15:44 20-10-2005 - 06:02
CVE-2005-1344 7.5
Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to
10-09-2008 - 15:38 02-05-2005 - 00:00
CVE-2005-0366 5.0
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are
10-09-2008 - 15:35 02-05-2005 - 00:00
CVE-2005-0150 5.0
Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attacker
10-09-2008 - 15:35 26-05-2005 - 00:00
CVE-2005-0145 2.6
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
10-09-2008 - 15:35 24-01-2005 - 00:00
CVE-2004-1381 5.0
Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other
10-09-2008 - 15:30 20-10-2004 - 00:00
CVE-2004-1007 5.0
The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory add
10-09-2008 - 15:28 01-03-2005 - 00:00
CVE-2004-0956 5.0
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
10-09-2008 - 15:28 10-01-2005 - 00:00
CVE-2006-0071 6.6
The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
05-09-2008 - 16:58 03-01-2006 - 19:03
CVE-2005-4803 3.6
graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issu
05-09-2008 - 16:57 31-12-2005 - 00:00
CVE-2005-3409 5.0
OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.
05-09-2008 - 16:54 01-11-2005 - 19:02
CVE-2005-2967 7.5
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim play
05-09-2008 - 16:53 14-10-2005 - 06:02
CVE-2005-2964 7.5
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.
05-09-2008 - 16:53 28-09-2005 - 17:03
CVE-2005-2353 2.1
run-mozilla.sh in Thunderbird, with debugging enabled, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:51 05-08-2005 - 00:00
CVE-2005-2317 7.5
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.
05-09-2008 - 16:51 19-07-2005 - 00:00
CVE-2005-2231 2.1
High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:51 12-07-2005 - 00:00
CVE-2005-2151 5.0
spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption.
05-09-2008 - 16:51 06-07-2005 - 00:00
CVE-2005-1765 2.1
syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.
05-09-2008 - 16:50 31-05-2005 - 00:00
CVE-2005-1527 5.0
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function
05-09-2008 - 16:49 15-08-2005 - 00:00
CVE-2005-1369 2.1
The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to
05-09-2008 - 16:48 02-05-2005 - 00:00
CVE-2005-1368 1.2
The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP.
05-09-2008 - 16:48 02-05-2005 - 00:00
CVE-2004-2467 5.0
chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a large number of fake users, then eventually cause a denial of service (server crash).
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-1179 2.1
The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack on temporary directories.
05-09-2008 - 16:40 31-12-2004 - 00:00
CVE-2004-1001 4.6
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
05-09-2008 - 16:40 01-03-2005 - 00:00
CVE-2004-0969 2.1
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
05-09-2008 - 16:39 09-02-2005 - 00:00
CVE-2004-0911 5.0
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554.
05-09-2008 - 16:39 03-11-2004 - 00:00
Back to Top Mark selected
Back to Top