Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-1667 | 9.3 |
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf
|
26-06-2024 - 15:53 | 24-03-2007 - 21:19 | |
CVE-2009-0141 | 2.1 |
XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with insecure world-writable permissions, which allows local users to write to the Xterm of another user.
|
25-01-2024 - 21:31 | 13-02-2009 - 00:30 | |
CVE-2008-5183 | 4.3 |
cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggere
|
28-12-2023 - 15:35 | 21-11-2008 - 02:30 | |
CVE-2007-4965 | 5.8 |
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) t
|
02-08-2023 - 18:52 | 18-09-2007 - 22:17 | |
CVE-2008-3144 | 5.0 |
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to stri
|
02-08-2023 - 18:52 | 01-08-2008 - 14:41 | |
CVE-2008-2316 | 7.5 |
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
|
02-08-2023 - 18:52 | 01-08-2008 - 14:41 | |
CVE-2008-1679 | 6.8 |
Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue i
|
02-08-2023 - 18:52 | 22-04-2008 - 04:41 | |
CVE-2008-2315 | 7.5 |
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7)
|
02-08-2023 - 17:14 | 01-08-2008 - 14:41 | |
CVE-2006-3467 | 7.5 |
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
|
13-02-2023 - 02:16 | 21-07-2006 - 14:03 | |
CVE-2006-1861 | 7.5 |
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_
|
13-02-2023 - 02:16 | 23-05-2006 - 10:06 | |
CVE-2008-4864 | 7.5 |
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function,
|
05-07-2022 - 18:48 | 01-11-2008 - 00:00 | |
CVE-2008-1721 | 7.5 |
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
|
05-07-2022 - 18:43 | 10-04-2008 - 19:05 | |
CVE-2008-3142 | 7.5 |
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicod
|
05-07-2022 - 18:41 | 01-08-2008 - 14:41 | |
CVE-2008-1887 | 9.3 |
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when asse
|
27-06-2022 - 16:33 | 18-04-2008 - 17:05 | |
CVE-2008-2711 | 4.3 |
fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference wh
|
09-08-2021 - 21:15 | 16-06-2008 - 21:41 | |
CVE-2008-1808 | 7.5 |
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which trigger
|
26-01-2021 - 12:41 | 16-06-2008 - 19:41 | |
CVE-2008-5031 | 10.0 |
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs fun
|
25-10-2019 - 11:53 | 10-11-2008 - 16:15 | |
CVE-2007-1352 | 3.8 |
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. The vendor has addressed t
|
16-10-2018 - 16:38 | 06-04-2007 - 01:19 | |
CVE-2007-1351 | 8.5 |
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo
|
16-10-2018 - 16:38 | 06-04-2007 - 01:19 | |
CVE-2007-4565 | 5.0 |
sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.
|
15-10-2018 - 21:36 | 28-08-2007 - 01:17 | |
CVE-2008-5050 | 9.3 |
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, whic
|
11-10-2018 - 20:53 | 13-11-2008 - 02:30 | |
CVE-2008-3663 | 5.0 |
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
|
11-10-2018 - 20:49 | 24-09-2008 - 14:56 | |
CVE-2008-2360 | 9.0 |
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, whi
|
11-10-2018 - 20:40 | 16-06-2008 - 19:41 | |
CVE-2008-2361 | 6.8 |
Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calcul
|
11-10-2018 - 20:40 | 16-06-2008 - 19:41 | |
CVE-2008-2362 | 10.0 |
Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCrea
|
11-10-2018 - 20:40 | 16-06-2008 - 19:41 | |
CVE-2008-1927 | 5.0 |
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain oper
|
11-10-2018 - 20:37 | 24-04-2008 - 05:05 | |
CVE-2008-1807 | 7.5 |
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
|
11-10-2018 - 20:36 | 16-06-2008 - 19:41 | |
CVE-2008-1806 | 7.5 |
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buf
|
11-10-2018 - 20:36 | 16-06-2008 - 19:41 | |
CVE-2008-1377 | 9.0 |
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attac
|
11-10-2018 - 20:32 | 16-06-2008 - 19:41 | |
CVE-2008-1379 | 6.8 |
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height.
|
11-10-2018 - 20:32 | 16-06-2008 - 19:41 | |
CVE-2008-5314 | 4.3 |
Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_ph
|
29-09-2017 - 01:32 | 03-12-2008 - 17:30 | |
CVE-2008-2379 | 4.3 |
Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
|
29-09-2017 - 01:31 | 05-12-2008 - 00:30 | |
CVE-2009-0011 | 7.2 |
Certificate Assistant in Apple Mac OS X 10.5.6 allows local users to overwrite arbitrary files via unknown vectors related to an "insecure file operation" on a temporary file.
|
08-08-2017 - 01:33 | 13-02-2009 - 00:30 | |
CVE-2009-0013 | 2.1 |
dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information.
|
08-08-2017 - 01:33 | 13-02-2009 - 00:30 | |
CVE-2009-0009 | 6.8 |
Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corrup
|
08-08-2017 - 01:33 | 13-02-2009 - 00:30 | |
CVE-2009-0142 | 1.9 |
Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic."
|
08-03-2011 - 03:17 | 12-02-2009 - 23:30 | |
CVE-2009-0018 | 7.8 |
The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0140 | 9.3 |
Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0020 | 7.8 |
Unspecified vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted resource fork that triggers memory corruption.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0017 | 7.2 |
csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0019 | 7.5 |
Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0014 | 2.1 |
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a Downloads folder after it has been deleted, which allows local users to bypass intended access restrictions and read the Downloads folder.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0015 | 4.9 |
Unspecified vulnerability in fseventsd in the FSEvents framework in Apple Mac OS X 10.5.6 allows local users to obtain sensitive information (filesystem activities and directory names) via unknown vectors related to "credential management."
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0138 | 10.0 |
servermgrd (Server Manager) in Apple Mac OS X 10.5.6 does not properly validate authentication credentials, which allows remote attackers to modify the system configuration.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0139 | 9.3 |
Integer overflow in the SMB component in Apple Mac OS X 10.5.6 allows remote SMB servers to cause a denial of service (system shutdown) or execute arbitrary code via a crafted SMB file system that triggers a heap-based buffer overflow.
|
08-03-2011 - 03:17 | 13-02-2009 - 00:30 | |
CVE-2009-0012 | 10.0 |
Heap-based buffer overflow in CoreText in Apple Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via a crafted Unicode string.
|
07-03-2011 - 05:00 | 13-02-2009 - 00:30 | |
CVE-2009-0137 | 10.0 |
Multiple unspecified vulnerabilities in Safari RSS in Apple Mac OS X 10.4.11 and 10.5.6, and Windows XP and Vista, allow remote attackers to execute arbitrary JavaScript in the local security zone via a crafted feed: URL, related to "input validation
|
19-08-2009 - 05:25 | 13-02-2009 - 00:30 |