| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. |
| The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. |
| getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. |
| Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. |
| Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. |
| passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. |
| The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187. |
| rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. |
| Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit. |
| The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. |
| Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
| The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. |
| Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. |
| rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request. |
| Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. |
| The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts. |
| The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. |
| squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling. |
| Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed. |
