All the vulnerabilites related to redhat - fedora_core
cve-2004-1073
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "18684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18684"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "RHSA-2006:0190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html"
},
{
"name": "RHSA-2004:549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "RHSA-2005:293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "oval:org.mitre.oval:def:11503",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503"
},
{
"name": "RHSA-2006:0191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "18684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18684"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "RHSA-2006:0190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html"
},
{
"name": "RHSA-2004:549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "RHSA-2005:293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "oval:org.mitre.oval:def:11503",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503"
},
{
"name": "RHSA-2006:0191",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "18684",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18684"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt",
"refsource": "MISC",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "RHSA-2006:0190",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html"
},
{
"name": "RHSA-2004:549",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "RHSA-2005:293",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "RHSA-2004:505",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "oval:org.mitre.oval:def:11503",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503"
},
{
"name": "RHSA-2006:0191",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1073",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-29T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1334
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html | mailing-list, x_refsource_FULLDISC | |
| http://marc.info/?l=bugtraq&m=110383108211524&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/11956 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18522 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041215 fun with linux kernel",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "20041215 [USN-47-1] Linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "linux-ipoptionsget-dos(18522)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041215 fun with linux kernel",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "20041215 [USN-47-1] Linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "linux-ipoptionsget-dos(18522)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041215 fun with linux kernel",
"refsource": "FULLDISC",
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "20041215 [USN-47-1] Linux kernel vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"name": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html",
"refsource": "MISC",
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "linux-ipoptionsget-dos(18522)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1334",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-06T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0460
Vulnerability from cvelistv5
Published
2004-06-24 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/317350 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/10590 | vdb-entry, x_refsource_BID | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:061 | vendor-advisory, x_refsource_MANDRAKE | |
| http://secunia.com/advisories/23265 | third-party-advisory, x_refsource_SECUNIA | |
| http://marc.info/?l=bugtraq&m=108795911203342&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=108938625206063&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html | vendor-advisory, x_refsource_SUSE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16475 | vdb-entry, x_refsource_XF | |
| http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf | x_refsource_CONFIRM | |
| http://www.us-cert.gov/cas/techalerts/TA04-174A.html | third-party-advisory, x_refsource_CERT | |
| http://marc.info/?l=bugtraq&m=108843959502356&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:15.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#317350",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/317350"
},
{
"name": "10590",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10590"
},
{
"name": "MDKSA-2004:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"name": "23265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23265"
},
{
"name": "20040622 DHCP Vuln // no code 0day //",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"name": "20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"name": "SuSE-SA:2004:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"name": "dhcp-ascii-log-bo(16475)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16475"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"name": "TA04-174A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"name": "20040628 ISC DHCP overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#317350",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/317350"
},
{
"name": "10590",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10590"
},
{
"name": "MDKSA-2004:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"name": "23265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23265"
},
{
"name": "20040622 DHCP Vuln // no code 0day //",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"name": "20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"name": "SuSE-SA:2004:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"name": "dhcp-ascii-log-bo(16475)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16475"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"name": "TA04-174A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"name": "20040628 ISC DHCP overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#317350",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/317350"
},
{
"name": "10590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10590"
},
{
"name": "MDKSA-2004:061",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"name": "23265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23265"
},
{
"name": "20040622 DHCP Vuln // no code 0day //",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"name": "20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"name": "SuSE-SA:2004:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"name": "dhcp-ascii-log-bo(16475)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16475"
},
{
"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"name": "TA04-174A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"name": "20040628 ISC DHCP overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0460",
"datePublished": "2004-06-24T04:00:00",
"dateReserved": "2004-05-12T00:00:00",
"dateUpdated": "2024-08-08T00:17:15.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0905
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/651928 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.novell.com/linux/security/advisories/2004_36_mozilla.html | vendor-advisory, x_refsource_SUSE | |
| http://bugzilla.mozilla.org/show_bug.cgi?id=250862 | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=109900315219363&w=2 | vendor-advisory, x_refsource_FEDORA | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/11177 | vdb-entry, x_refsource_BID | |
| http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-200409-26.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17374 | vdb-entry, x_refsource_XF | |
| http://www.us-cert.gov/cas/techalerts/TA04-261A.html | third-party-advisory, x_refsource_CERT | |
| http://marc.info/?l=bugtraq&m=109698896104418&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#651928",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/651928"
},
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10378",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378"
},
{
"name": "11177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "mozilla-netscape-sameorigin-bypass(17374)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#651928",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/651928"
},
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10378",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378"
},
{
"name": "11177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "mozilla-netscape-sameorigin-bypass(17374)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#651928",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/651928"
},
{
"name": "SUSE-SA:2004:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862"
},
{
"name": "FLSA:2089",
"refsource": "FEDORA",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10378",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378"
},
{
"name": "11177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11177"
},
{
"name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "mozilla-netscape-sameorigin-bypass(17374)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374"
},
{
"name": "TA04-261A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0905",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-23T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0986
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:38
Severity ?
EPSS score ?
Summary
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/11570 | vdb-entry, x_refsource_BID | |
| https://bugzilla.fedora.us/show_bug.cgi?id=2252 | vendor-advisory, x_refsource_FEDORA | |
| http://www.debian.org/security/2004/dsa-580 | vendor-advisory, x_refsource_DEBIAN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17928 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:125 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.ciac.org/ciac/bulletins/p-026.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| https://www.ubuntu.com/usn/usn-81-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:38:59.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11570"
},
{
"name": "FLSA:2252",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2252"
},
{
"name": "DSA-580",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-580"
},
{
"name": "iptables-module-dos(17928)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17928"
},
{
"name": "MDKSA-2004:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:125"
},
{
"name": "P-026",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-026.shtml"
},
{
"name": "USN-81-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-81-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11570"
},
{
"name": "FLSA:2252",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2252"
},
{
"name": "DSA-580",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-580"
},
{
"name": "iptables-module-dos(17928)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17928"
},
{
"name": "MDKSA-2004:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:125"
},
{
"name": "P-026",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-026.shtml"
},
{
"name": "USN-81-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-81-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11570"
},
{
"name": "FLSA:2252",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2252"
},
{
"name": "DSA-580",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-580"
},
{
"name": "iptables-module-dos(17928)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17928"
},
{
"name": "MDKSA-2004:125",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:125"
},
{
"name": "P-026",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-026.shtml"
},
{
"name": "USN-81-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-81-1/"
},
{
"name": "http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html",
"refsource": "CONFIRM",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0986",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-25T00:00:00",
"dateUpdated": "2024-08-08T00:38:59.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1268
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2005-013.html | vendor-advisory, x_refsource_REDHAT | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.redhat.com/support/errata/RHSA-2005-053.html | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/50-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18606 | vdb-entry, x_refsource_XF | |
| http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://tigger.uic.edu/~jlongs2/holes/cups2.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.268Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "oval:org.mitre.oval:def:10398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "cups-lppasswd-passwd-truncate(18606)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18606"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "oval:org.mitre.oval:def:10398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "cups-lppasswd-passwd-truncate(18606)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18606"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:013",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "oval:org.mitre.oval:def:10398",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398"
},
{
"name": "MDKSA-2005:008",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "cups-lppasswd-passwd-truncate(18606)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18606"
},
{
"name": "GLSA-200412-25",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt",
"refsource": "MISC",
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1268",
"datePublished": "2004-12-22T05:00:00",
"dateReserved": "2004-12-20T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1071
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "19607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "oval:org.mitre.oval:def:9917",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "19607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "oval:org.mitre.oval:def:9917",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt",
"refsource": "MISC",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "19607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "oval:org.mitre.oval:def:9917",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1071",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-29T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0557
Vulnerability from cvelistv5
Published
2004-08-02 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.063Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-409.html"
},
{
"name": "10819",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10819"
},
{
"name": "FLSA:1945",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1945"
},
{
"name": "GLSA-200407-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml"
},
{
"name": "oval:org.mitre.oval:def:9801",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9801"
},
{
"name": "12175",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12175"
},
{
"name": "sox-wav-bo(16827)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16827"
},
{
"name": "DSA-565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-565"
},
{
"name": "FEDORA-2004-244",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/95530/"
},
{
"name": "FEDORA-2004-235",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/95529/"
},
{
"name": "20040728 SoX buffer overflows when handling .WAV files",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html"
},
{
"name": "MDKSA-2004:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:076"
},
{
"name": "CLA-2004:855",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000855"
},
{
"name": "20040728 SoX buffer overflows when handling .WAV files",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2004/Jul/1227.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-409.html"
},
{
"name": "10819",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10819"
},
{
"name": "FLSA:1945",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1945"
},
{
"name": "GLSA-200407-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml"
},
{
"name": "oval:org.mitre.oval:def:9801",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9801"
},
{
"name": "12175",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12175"
},
{
"name": "sox-wav-bo(16827)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16827"
},
{
"name": "DSA-565",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-565"
},
{
"name": "FEDORA-2004-244",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/95530/"
},
{
"name": "FEDORA-2004-235",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/95529/"
},
{
"name": "20040728 SoX buffer overflows when handling .WAV files",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html"
},
{
"name": "MDKSA-2004:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:076"
},
{
"name": "CLA-2004:855",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000855"
},
{
"name": "20040728 SoX buffer overflows when handling .WAV files",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2004/Jul/1227.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:409",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-409.html"
},
{
"name": "10819",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10819"
},
{
"name": "FLSA:1945",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1945"
},
{
"name": "GLSA-200407-23",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml"
},
{
"name": "oval:org.mitre.oval:def:9801",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9801"
},
{
"name": "12175",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12175"
},
{
"name": "sox-wav-bo(16827)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16827"
},
{
"name": "DSA-565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-565"
},
{
"name": "FEDORA-2004-244",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/95530/"
},
{
"name": "FEDORA-2004-235",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/95529/"
},
{
"name": "20040728 SoX buffer overflows when handling .WAV files",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html"
},
{
"name": "MDKSA-2004:076",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:076"
},
{
"name": "CLA-2004:855",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000855"
},
{
"name": "20040728 SoX buffer overflows when handling .WAV files",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2004/Jul/1227.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0557",
"datePublished": "2004-08-02T04:00:00",
"dateReserved": "2004-06-14T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0461
Vulnerability from cvelistv5
Published
2004-06-24 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/654390 | third-party-advisory, x_refsource_CERT-VN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16476 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:061 | vendor-advisory, x_refsource_MANDRAKE | |
| http://secunia.com/advisories/23265 | third-party-advisory, x_refsource_SECUNIA | |
| http://marc.info/?l=bugtraq&m=108795911203342&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=108938625206063&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securityfocus.com/bid/10591 | vdb-entry, x_refsource_BID | |
| http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf | x_refsource_CONFIRM | |
| http://www.us-cert.gov/cas/techalerts/TA04-174A.html | third-party-advisory, x_refsource_CERT | |
| http://marc.info/?l=bugtraq&m=108843959502356&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:15.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#654390",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/654390"
},
{
"name": "dhcp-c-include-bo(16476)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16476"
},
{
"name": "MDKSA-2004:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"name": "23265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23265"
},
{
"name": "20040622 DHCP Vuln // no code 0day //",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"name": "20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"name": "SuSE-SA:2004:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"name": "10591",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10591"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"name": "TA04-174A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"name": "20040628 ISC DHCP overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#654390",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/654390"
},
{
"name": "dhcp-c-include-bo(16476)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16476"
},
{
"name": "MDKSA-2004:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"name": "23265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23265"
},
{
"name": "20040622 DHCP Vuln // no code 0day //",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"name": "20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"name": "SuSE-SA:2004:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"name": "10591",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10591"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"name": "TA04-174A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"name": "20040628 ISC DHCP overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#654390",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/654390"
},
{
"name": "dhcp-c-include-bo(16476)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16476"
},
{
"name": "MDKSA-2004:061",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"name": "23265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23265"
},
{
"name": "20040622 DHCP Vuln // no code 0day //",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"name": "20040708 [OpenPKG-SA-2004.031] OpenPKG Security Advisory (dhcpd)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"name": "SuSE-SA:2004:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"name": "10591",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10591"
},
{
"name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"name": "TA04-174A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"name": "20040628 ISC DHCP overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0461",
"datePublished": "2004-06-24T04:00:00",
"dateReserved": "2004-05-12T00:00:00",
"dateUpdated": "2024-08-08T00:17:15.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0888
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:592",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "USN-9-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "DSA-581",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"name": "DSA-573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"name": "FLSA:2353",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "MDKSA-2004:116",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"name": "DSA-599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "RHSA-2004:543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"name": "oval:org.mitre.oval:def:9714",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"name": "CLA-2004:886",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"name": "MDKSA-2004:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "MDKSA-2004:115",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"name": "FLSA:2352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:592",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:066",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "USN-9-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "DSA-581",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"name": "DSA-573",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"name": "FLSA:2353",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "MDKSA-2004:116",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"name": "DSA-599",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "RHSA-2004:543",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"name": "oval:org.mitre.oval:def:9714",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"name": "CLA-2004:886",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"name": "MDKSA-2004:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "MDKSA-2004:115",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"name": "FLSA:2352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:592",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"name": "11501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:066",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"name": "USN-9-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"name": "MDKSA-2004:113",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "DSA-581",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"name": "DSA-573",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"name": "FLSA:2353",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"name": "MDKSA-2004:116",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"name": "DSA-599",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"name": "xpdf-pdf-bo(17818)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "RHSA-2005:354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "RHSA-2004:543",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"name": "oval:org.mitre.oval:def:9714",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"name": "CLA-2004:886",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"name": "MDKSA-2004:114",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"name": "GLSA-200410-30",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "MDKSA-2004:115",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"name": "SUSE-SA:2004:039",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"name": "FLSA:2352",
"refsource": "FEDORA",
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0888",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1015
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18274 | vdb-entry, x_refsource_XF | |
| http://asg.web.cmu.edu/cyrus/download/imapd/changes.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:139 | vendor-advisory, x_refsource_MANDRAKE | |
| http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=145 | mailing-list, x_refsource_MLIST | |
| http://security.gentoo.org/glsa/glsa-200411-34.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cyrus-magic-plus-bo(18274)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cyrus-magic-plus-bo(18274)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cyrus-magic-plus-bo(18274)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
},
{
"name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
"refsource": "CONFIRM",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "[cyrus-announce] 20041123 Cyrus IMAPd 2.2.10 Released",
"refsource": "MLIST",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
},
{
"name": "GLSA-200411-34",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1015",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-04T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0453
Vulnerability from cvelistv5
Published
2006-02-14 22:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/18960 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24795 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/16677 | vdb-entry, x_refsource_BID | |
| http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.852Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18960"
},
{
"name": "fedora-ber-bad-sequence-dos(24795)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24795"
},
{
"name": "16677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16677"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain \"bad BER sequence\" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "18960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18960"
},
{
"name": "fedora-ber-bad-sequence-dos(24795)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24795"
},
{
"name": "16677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16677"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-0453",
"datePublished": "2006-02-14T22:00:00",
"dateReserved": "2006-01-27T00:00:00",
"dateUpdated": "2024-08-07T16:34:14.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1267
Vulnerability from cvelistv5
Published
2005-06-20 04:00
Modified
2024-08-07 21:44
Severity ?
EPSS score ?
Summary
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/13906 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/17118 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.trustix.org/errata/2005/0028/ | vendor-advisory, x_refsource_TRUSTIX | |
| https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208 | x_refsource_MISC | |
| http://secunia.com/advisories/15634/ | third-party-advisory, x_refsource_SECUNIA | |
| http://www.redhat.com/support/errata/RHSA-2005-505.html | vendor-advisory, x_refsource_REDHAT | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/archive/1/430292/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://www.debian.org/security/2005/dsa-854 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:05.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13906",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13906"
},
{
"name": "17118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17118"
},
{
"name": "2005-0028",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0028/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208"
},
{
"name": "15634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15634/"
},
{
"name": "RHSA-2005:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-505.html"
},
{
"name": "oval:org.mitre.oval:def:11148",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148"
},
{
"name": "FEDORA-2005-406",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html"
},
{
"name": "FLSA:156139",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430292/100/0/threaded"
},
{
"name": "DSA-854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-854"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "13906",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13906"
},
{
"name": "17118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17118"
},
{
"name": "2005-0028",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0028/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208"
},
{
"name": "15634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15634/"
},
{
"name": "RHSA-2005:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-505.html"
},
{
"name": "oval:org.mitre.oval:def:11148",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148"
},
{
"name": "FEDORA-2005-406",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html"
},
{
"name": "FLSA:156139",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/430292/100/0/threaded"
},
{
"name": "DSA-854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-854"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-1267",
"datePublished": "2005-06-20T04:00:00",
"dateReserved": "2005-04-25T00:00:00",
"dateUpdated": "2024-08-07T21:44:05.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1070
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "19607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "oval:org.mitre.oval:def:9450",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9450"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "RHSA-2004:549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "19607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "oval:org.mitre.oval:def:9450",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9450"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "RHSA-2004:549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt",
"refsource": "MISC",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "19607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "oval:org.mitre.oval:def:9450",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9450"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "RHSA-2004:549",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1070",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-29T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0882
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.947Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012235",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012235"
},
{
"name": "20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110055646329581\u0026w=2"
},
{
"name": "20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"name": "samba-qfilepathinfo-bo(18070)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18070"
},
{
"name": "VU#457622",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/457622"
},
{
"name": "CLA-2004:899",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"name": "13189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13189"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/132004.html"
},
{
"name": "20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110054671403755\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9969",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969"
},
{
"name": "APPLE-SA-2005-03-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "2004-0058",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.net/errata/2004/0058/"
},
{
"name": "11782",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11782"
},
{
"name": "20041201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"name": "P-038",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-038.shtml"
},
{
"name": "SUSE-SA:2004:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"name": "SCOSA-2005.17",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small \"maximum data bytes\" value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012235",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012235"
},
{
"name": "20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110055646329581\u0026w=2"
},
{
"name": "20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"name": "samba-qfilepathinfo-bo(18070)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18070"
},
{
"name": "VU#457622",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/457622"
},
{
"name": "CLA-2004:899",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"name": "13189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13189"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/132004.html"
},
{
"name": "20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110054671403755\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9969",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969"
},
{
"name": "APPLE-SA-2005-03-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "2004-0058",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.net/errata/2004/0058/"
},
{
"name": "11782",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11782"
},
{
"name": "20041201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"name": "P-038",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-038.shtml"
},
{
"name": "SUSE-SA:2004:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"name": "SCOSA-2005.17",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small \"maximum data bytes\" value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012235",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012235"
},
{
"name": "20041115 [SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110055646329581\u0026w=2"
},
{
"name": "20041217 [OpenPKG-SA-2004.054] OpenPKG Security Advisory (samba)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"name": "samba-qfilepathinfo-bo(18070)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18070"
},
{
"name": "VU#457622",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/457622"
},
{
"name": "CLA-2004:899",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"name": "13189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13189"
},
{
"name": "http://security.e-matters.de/advisories/132004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/132004.html"
},
{
"name": "20041115 Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110054671403755\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9969",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969"
},
{
"name": "APPLE-SA-2005-03-21",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "2004-0058",
"refsource": "TRUSTIX",
"url": "http://www.trustix.net/errata/2004/0058/"
},
{
"name": "11782",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11782"
},
{
"name": "20041201-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"name": "P-038",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-038.shtml"
},
{
"name": "SUSE-SA:2004:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"name": "SCOSA-2005.17",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0882",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.947Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0594
Vulnerability from cvelistv5
Published
2004-07-16 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2004-0039",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0039/"
},
{
"name": "20040714 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html"
},
{
"name": "CLA-2004:847",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "RHSA-2004:395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "oval:org.mitre.oval:def:10896",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896"
},
{
"name": "RHSA-2004:392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "php-memorylimit-code-execution(16693)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16693"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10725",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10725"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2004-0039",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0039/"
},
{
"name": "20040714 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html"
},
{
"name": "CLA-2004:847",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "RHSA-2004:395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "oval:org.mitre.oval:def:10896",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896"
},
{
"name": "RHSA-2004:392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "php-memorylimit-code-execution(16693)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16693"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10725",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10725"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2004-0039",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0039/"
},
{
"name": "20040714 Advisory 11/2004: PHP memory_limit remote vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html"
},
{
"name": "CLA-2004:847",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "RHSA-2004:395",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "oval:org.mitre.oval:def:10896",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10896"
},
{
"name": "RHSA-2004:392",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "RHSA-2005:816",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "php-memorylimit-code-execution(16693)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16693"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10725"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0594",
"datePublished": "2004-07-16T04:00:00",
"dateReserved": "2004-06-23T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0619
Vulnerability from cvelistv5
Published
2004-06-30 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=108802653409053&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.redhat.com/support/errata/RHSA-2005-283.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2004-549.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.ciac.org/ciac/bulletins/p-047.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| http://www.securityfocus.com/bid/10599 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773 | vdb-entry, signature, x_refsource_OVAL | |
| http://secunia.com/advisories/11936 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16459 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
},
{
"name": "RHSA-2005:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"name": "RHSA-2004:549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "P-047",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
},
{
"name": "10599",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10599"
},
{
"name": "oval:org.mitre.oval:def:9773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
},
{
"name": "11936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11936"
},
{
"name": "bcm5820-adddsabufbytes-integer-bo(16459)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
},
{
"name": "RHSA-2005:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"name": "RHSA-2004:549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "P-047",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
},
{
"name": "10599",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10599"
},
{
"name": "oval:org.mitre.oval:def:9773",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
},
{
"name": "11936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11936"
},
{
"name": "bcm5820-adddsabufbytes-integer-bo(16459)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
},
{
"name": "RHSA-2005:283",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"name": "RHSA-2004:549",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"name": "P-047",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
},
{
"name": "10599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10599"
},
{
"name": "oval:org.mitre.oval:def:9773",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
},
{
"name": "11936",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11936"
},
{
"name": "bcm5820-adddsabufbytes-integer-bo(16459)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0619",
"datePublished": "2004-06-30T04:00:00",
"dateReserved": "2004-06-29T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0989
Vulnerability from cvelistv5
Published
2004-10-28 04:00
Modified
2024-08-08 00:38
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:38:59.682Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "APPLE-SA-2005-01-25",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"name": "20041026 libxml2 remote buffer overflows (not in xml parsing code though)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880813013482\u0026w=2"
},
{
"name": "P-029",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-029.shtml"
},
{
"name": "11179",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11179"
},
{
"name": "1011941",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011941"
},
{
"name": "RHSA-2004:615",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-615.html"
},
{
"name": "11526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11526"
},
{
"name": "oval:org.mitre.oval:def:10505",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10505"
},
{
"name": "libxml2-nanoftp-file-bo(17872)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17872"
},
{
"name": "RHSA-2004:650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-650.html"
},
{
"name": "GLSA-200411-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml"
},
{
"name": "CLA-2004:890",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000890"
},
{
"name": "11324",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11324"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "oval:org.mitre.oval:def:1173",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1173"
},
{
"name": "USN-89-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-89-1/"
},
{
"name": "13000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13000"
},
{
"name": "DSA-582",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-582"
},
{
"name": "libxml2-xmlnanoftpscanurl-bo(17870)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17870"
},
{
"name": "libxml2-xmlnanoftpscanproxy-bo(17875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17875"
},
{
"name": "11180",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11180"
},
{
"name": "libxml2-nanohttp-file-bo(17876)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17876"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "APPLE-SA-2005-01-25",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"name": "20041026 libxml2 remote buffer overflows (not in xml parsing code though)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880813013482\u0026w=2"
},
{
"name": "P-029",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-029.shtml"
},
{
"name": "11179",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11179"
},
{
"name": "1011941",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011941"
},
{
"name": "RHSA-2004:615",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-615.html"
},
{
"name": "11526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11526"
},
{
"name": "oval:org.mitre.oval:def:10505",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10505"
},
{
"name": "libxml2-nanoftp-file-bo(17872)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17872"
},
{
"name": "RHSA-2004:650",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-650.html"
},
{
"name": "GLSA-200411-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml"
},
{
"name": "CLA-2004:890",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000890"
},
{
"name": "11324",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11324"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "oval:org.mitre.oval:def:1173",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1173"
},
{
"name": "USN-89-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-89-1/"
},
{
"name": "13000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13000"
},
{
"name": "DSA-582",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-582"
},
{
"name": "libxml2-xmlnanoftpscanurl-bo(17870)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17870"
},
{
"name": "libxml2-xmlnanoftpscanproxy-bo(17875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17875"
},
{
"name": "11180",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11180"
},
{
"name": "libxml2-nanohttp-file-bo(17876)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17876"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2005-01-25",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"name": "20041026 libxml2 remote buffer overflows (not in xml parsing code though)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109880813013482\u0026w=2"
},
{
"name": "P-029",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-029.shtml"
},
{
"name": "11179",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11179"
},
{
"name": "1011941",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011941"
},
{
"name": "RHSA-2004:615",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-615.html"
},
{
"name": "11526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11526"
},
{
"name": "oval:org.mitre.oval:def:10505",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10505"
},
{
"name": "libxml2-nanoftp-file-bo(17872)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17872"
},
{
"name": "RHSA-2004:650",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-650.html"
},
{
"name": "GLSA-200411-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml"
},
{
"name": "CLA-2004:890",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000890"
},
{
"name": "11324",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11324"
},
{
"name": "SUSE-SR:2005:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "oval:org.mitre.oval:def:1173",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1173"
},
{
"name": "USN-89-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-89-1/"
},
{
"name": "13000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13000"
},
{
"name": "DSA-582",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-582"
},
{
"name": "libxml2-xmlnanoftpscanurl-bo(17870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17870"
},
{
"name": "libxml2-xmlnanoftpscanproxy-bo(17875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17875"
},
{
"name": "11180",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11180"
},
{
"name": "libxml2-nanohttp-file-bo(17876)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17876"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0989",
"datePublished": "2004-10-28T04:00:00",
"dateReserved": "2004-10-27T00:00:00",
"dateUpdated": "2024-08-08T00:38:59.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1154
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.samba.org/samba/security/CAN-2004-1154.html"
},
{
"name": "101643",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1"
},
{
"name": "oval:org.mitre.oval:def:10236",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236"
},
{
"name": "11973",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11973"
},
{
"name": "samba-msrpc-heap-corruption(18519)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18519"
},
{
"name": "RHSA-2005:020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-020.html"
},
{
"name": "oval:org.mitre.oval:def:642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642"
},
{
"name": "13453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13453/"
},
{
"name": "DSA-701",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-701"
},
{
"name": "APPLE-SA-2005-03-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "57730",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1"
},
{
"name": "20041216 Samba smbd Security Descriptor Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=165\u0026type=vulnerabilities"
},
{
"name": "SUSE-SA:2004:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_45_samba.html"
},
{
"name": "oval:org.mitre.oval:def:1459",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459"
},
{
"name": "SCOSA-2005.17",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"name": "VU#226184",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/226184"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.samba.org/samba/security/CAN-2004-1154.html"
},
{
"name": "101643",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1"
},
{
"name": "oval:org.mitre.oval:def:10236",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236"
},
{
"name": "11973",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11973"
},
{
"name": "samba-msrpc-heap-corruption(18519)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18519"
},
{
"name": "RHSA-2005:020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-020.html"
},
{
"name": "oval:org.mitre.oval:def:642",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642"
},
{
"name": "13453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13453/"
},
{
"name": "DSA-701",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-701"
},
{
"name": "APPLE-SA-2005-03-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "57730",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1"
},
{
"name": "20041216 Samba smbd Security Descriptor Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=165\u0026type=vulnerabilities"
},
{
"name": "SUSE-SA:2004:045",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_45_samba.html"
},
{
"name": "oval:org.mitre.oval:def:1459",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459"
},
{
"name": "SCOSA-2005.17",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"name": "VU#226184",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/226184"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.samba.org/samba/security/CAN-2004-1154.html",
"refsource": "CONFIRM",
"url": "http://www.samba.org/samba/security/CAN-2004-1154.html"
},
{
"name": "101643",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1"
},
{
"name": "oval:org.mitre.oval:def:10236",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236"
},
{
"name": "11973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11973"
},
{
"name": "samba-msrpc-heap-corruption(18519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18519"
},
{
"name": "RHSA-2005:020",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-020.html"
},
{
"name": "oval:org.mitre.oval:def:642",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642"
},
{
"name": "13453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13453/"
},
{
"name": "DSA-701",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-701"
},
{
"name": "APPLE-SA-2005-03-21",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "57730",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1"
},
{
"name": "20041216 Samba smbd Security Descriptor Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=165\u0026type=vulnerabilities"
},
{
"name": "SUSE-SA:2004:045",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_45_samba.html"
},
{
"name": "oval:org.mitre.oval:def:1459",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459"
},
{
"name": "SCOSA-2005.17",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"name": "VU#226184",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/226184"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1154",
"datePublished": "2004-12-22T05:00:00",
"dateReserved": "2004-12-07T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0373
Vulnerability from cvelistv5
Published
2005-02-13 05:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.linuxcompatible.org/print42495.html | vendor-advisory, x_refsource_SUSE | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:054 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html | mailing-list, x_refsource_MLIST | |
| https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup | x_refsource_CONFIRM | |
| https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/11347 | vdb-entry, x_refsource_BID | |
| http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17642 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SR:2005:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.linuxcompatible.org/print42495.html"
},
{
"name": "MDKSA-2005:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:054"
},
{
"name": "[openbsd-ports] 20040717 UPDATE: cyrus-sasl-2.1.19",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
},
{
"name": "11347",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11347"
},
{
"name": "GLSA-200410-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
},
{
"name": "cyrus-sasl-digestmda5-bo(17642)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SR:2005:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.linuxcompatible.org/print42495.html"
},
{
"name": "MDKSA-2005:054",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:054"
},
{
"name": "[openbsd-ports] 20040717 UPDATE: cyrus-sasl-2.1.19",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
},
{
"name": "11347",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11347"
},
{
"name": "GLSA-200410-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
},
{
"name": "cyrus-sasl-digestmda5-bo(17642)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SR:2005:006",
"refsource": "SUSE",
"url": "http://www.linuxcompatible.org/print42495.html"
},
{
"name": "MDKSA-2005:054",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:054"
},
{
"name": "[openbsd-ports] 20040717 UPDATE: cyrus-sasl-2.1.19",
"refsource": "MLIST",
"url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
},
{
"name": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup",
"refsource": "CONFIRM",
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
},
{
"name": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171",
"refsource": "CONFIRM",
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
},
{
"name": "11347",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11347"
},
{
"name": "GLSA-200410-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
},
{
"name": "cyrus-sasl-digestmda5-bo(17642)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0373",
"datePublished": "2005-02-13T05:00:00",
"dateReserved": "2005-02-13T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0745
Vulnerability from cvelistv5
Published
2006-03-21 02:00
Modified
2024-08-07 16:48
Severity ?
EPSS score ?
Summary
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:48:55.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2006:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:056"
},
{
"name": "20060320 Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/428230/100/0/threaded"
},
{
"name": "xorg-geteuid-privilege-escalation(25341)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25341"
},
{
"name": "FEDORA-2006-172",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"
},
{
"name": "20060320 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/428183/100/0/threaded"
},
{
"name": "1015793",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015793"
},
{
"name": "19256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19256"
},
{
"name": "102252",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1"
},
{
"name": "24000",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24000"
},
{
"name": "19676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19676"
},
{
"name": "19316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19316"
},
{
"name": "24001",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/24001"
},
{
"name": "ADV-2006-1017",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1017"
},
{
"name": "606",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/606"
},
{
"name": "17169",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17169"
},
{
"name": "SUSE-SA:2006:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_16_xorgx11server.html"
},
{
"name": "ADV-2006-1028",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1028"
},
{
"name": "19307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19307"
},
{
"name": "19311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19311"
},
{
"name": "oval:org.mitre.oval:def:1697",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1697"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "MDKSA-2006:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:056"
},
{
"name": "20060320 Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/428230/100/0/threaded"
},
{
"name": "xorg-geteuid-privilege-escalation(25341)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25341"
},
{
"name": "FEDORA-2006-172",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"
},
{
"name": "20060320 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/428183/100/0/threaded"
},
{
"name": "1015793",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015793"
},
{
"name": "19256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19256"
},
{
"name": "102252",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1"
},
{
"name": "24000",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24000"
},
{
"name": "19676",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19676"
},
{
"name": "19316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19316"
},
{
"name": "24001",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/24001"
},
{
"name": "ADV-2006-1017",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1017"
},
{
"name": "606",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/606"
},
{
"name": "17169",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17169"
},
{
"name": "SUSE-SA:2006:016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_16_xorgx11server.html"
},
{
"name": "ADV-2006-1028",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1028"
},
{
"name": "19307",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19307"
},
{
"name": "19311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19311"
},
{
"name": "oval:org.mitre.oval:def:1697",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1697"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-0745",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2006:056",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:056"
},
{
"name": "20060320 Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428230/100/0/threaded"
},
{
"name": "xorg-geteuid-privilege-escalation(25341)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25341"
},
{
"name": "FEDORA-2006-172",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00026.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"
},
{
"name": "20060320 [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428183/100/0/threaded"
},
{
"name": "1015793",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015793"
},
{
"name": "19256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19256"
},
{
"name": "102252",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1"
},
{
"name": "24000",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24000"
},
{
"name": "19676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19676"
},
{
"name": "19316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19316"
},
{
"name": "24001",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24001"
},
{
"name": "ADV-2006-1017",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1017"
},
{
"name": "606",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/606"
},
{
"name": "17169",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17169"
},
{
"name": "SUSE-SA:2006:016",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_16_xorgx11server.html"
},
{
"name": "ADV-2006-1028",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1028"
},
{
"name": "19307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19307"
},
{
"name": "19311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19311"
},
{
"name": "oval:org.mitre.oval:def:1697",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1697"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-0745",
"datePublished": "2006-03-21T02:00:00",
"dateReserved": "2006-02-17T00:00:00",
"dateUpdated": "2024-08-07T16:48:55.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0918
Vulnerability from cvelistv5
Published
2004-10-21 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2005:923",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
},
{
"name": "11385",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11385"
},
{
"name": "SCOSA-2005.16",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
},
{
"name": "RHSA-2004:591",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
},
{
"name": "20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
},
{
"name": "oval:org.mitre.oval:def:10931",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
},
{
"name": "ADV-2008-1969",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1969/references"
},
{
"name": "30967",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30967"
},
{
"name": "FLSA-2006:152809",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"name": "SUSE-SR:2008:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
},
{
"name": "FEDORA-2008-6045",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
},
{
"name": "OpenPKG-SA-2004.048",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
},
{
"name": "squid-snmp-asnparseheader-dos(17688)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
},
{
"name": "30914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30914"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
},
{
"name": "GLSA-200410-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2005:923",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
},
{
"name": "11385",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11385"
},
{
"name": "SCOSA-2005.16",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
},
{
"name": "RHSA-2004:591",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
},
{
"name": "20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
},
{
"name": "oval:org.mitre.oval:def:10931",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
},
{
"name": "ADV-2008-1969",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1969/references"
},
{
"name": "30967",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30967"
},
{
"name": "FLSA-2006:152809",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"name": "SUSE-SR:2008:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
},
{
"name": "FEDORA-2008-6045",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
},
{
"name": "OpenPKG-SA-2004.048",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
},
{
"name": "squid-snmp-asnparseheader-dos(17688)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
},
{
"name": "30914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30914"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
},
{
"name": "GLSA-200410-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2005:923",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
},
{
"name": "11385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11385"
},
{
"name": "SCOSA-2005.16",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
},
{
"name": "RHSA-2004:591",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
},
{
"name": "20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt",
"refsource": "CONFIRM",
"url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
},
{
"name": "oval:org.mitre.oval:def:10931",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
},
{
"name": "ADV-2008-1969",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1969/references"
},
{
"name": "30967",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30967"
},
{
"name": "FLSA-2006:152809",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"name": "SUSE-SR:2008:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
},
{
"name": "FEDORA-2008-6045",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
},
{
"name": "OpenPKG-SA-2004.048",
"refsource": "OPENPKG",
"url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
},
{
"name": "squid-snmp-asnparseheader-dos(17688)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
},
{
"name": "30914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30914"
},
{
"name": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt",
"refsource": "CONFIRM",
"url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
},
{
"name": "GLSA-200410-15",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0918",
"datePublished": "2004-10-21T04:00:00",
"dateReserved": "2004-09-27T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1011
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.e-matters.de/advisories/152004.html | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18198 | vdb-entry, x_refsource_XF | |
| http://asg.web.cmu.edu/cyrus/download/imapd/changes.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:139 | vendor-advisory, x_refsource_MANDRAKE | |
| http://marc.info/?l=bugtraq&m=110123023521619&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/13274/ | third-party-advisory, x_refsource_SECUNIA | |
| http://security.gentoo.org/glsa/glsa-200411-34.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"name": "cyrus-imap-username-bo(18198)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"name": "cyrus-imap-username-bo(18198)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://security.e-matters.de/advisories/152004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"name": "cyrus-imap-username-bo(18198)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
},
{
"name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
"refsource": "CONFIRM",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"refsource": "MLIST",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1011",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-04T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0452
Vulnerability from cvelistv5
Published
2006-02-14 22:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24796 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/18960 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/16677 | vdb-entry, x_refsource_BID | |
| http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179137 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fedora-dn2ancestor-dos(24796)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24796"
},
{
"name": "18960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18960"
},
{
"name": "16677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16677"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of \",\" (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "fedora-dn2ancestor-dos(24796)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24796"
},
{
"name": "18960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18960"
},
{
"name": "16677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16677"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179137"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-0452",
"datePublished": "2006-02-14T22:00:00",
"dateReserved": "2006-01-27T00:00:00",
"dateUpdated": "2024-08-07T16:34:14.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0961
Vulnerability from cvelistv5
Published
2004-10-20 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-200409-29.xml | vendor-advisory, x_refsource_GENTOO | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/11222 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17440 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/541574 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200409-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"name": "oval:org.mitre.oval:def:10024",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
},
{
"name": "11222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"name": "freeradius-dos(17440)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"name": "VU#541574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200409-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"name": "oval:org.mitre.oval:def:10024",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
},
{
"name": "11222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"name": "freeradius-dos(17440)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"name": "VU#541574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200409-29",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"name": "oval:org.mitre.oval:def:10024",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
},
{
"name": "11222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11222"
},
{
"name": "freeradius-dos(17440)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"name": "VU#541574",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/541574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0961",
"datePublished": "2004-10-20T04:00:00",
"dateReserved": "2004-10-18T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0886
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "P-015",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "oval:org.mitre.oval:def:9907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "VU#687568",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"name": "1011674",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011674"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "libtiff-bo(17715)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"name": "2004-0054",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "oval:org.mitre.oval:def:100116",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "OpenPKG-SA-2004.043",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "P-015",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "oval:org.mitre.oval:def:9907",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "VU#687568",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"name": "1011674",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011674"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "libtiff-bo(17715)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"name": "2004-0054",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "oval:org.mitre.oval:def:100116",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "OpenPKG-SA-2004.043",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:577",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "RHSA-2005:021",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "P-015",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"name": "201072",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "oval:org.mitre.oval:def:9907",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"name": "101677",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "VU#687568",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"name": "1011674",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011674"
},
{
"name": "CLA-2004:888",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "libtiff-bo(17715)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"name": "2004-0054",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"name": "http://www.kde.org/info/security/advisory-20041209-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12818"
},
{
"name": "11406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "oval:org.mitre.oval:def:100116",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"name": "DSA-567",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "OpenPKG-SA-2004.043",
"refsource": "OPENPKG",
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0886",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0415
Vulnerability from cvelistv5
Published
2004-08-05 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2004-413.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2004-418.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml | vendor-advisory, x_refsource_GENTOO | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9965 | vdb-entry, signature, x_refsource_OVAL | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000879 | vendor-advisory, x_refsource_CONECTIVA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16877 | vdb-entry, x_refsource_XF | |
| http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:087 | vendor-advisory, x_refsource_MANDRAKE | |
| ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc | vendor-advisory, x_refsource_SGI |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"name": "GLSA-200408-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml"
},
{
"name": "oval:org.mitre.oval:def:9965",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9965"
},
{
"name": "CLA-2004:879",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000879"
},
{
"name": "linux-pointer-info-disclosure(16877)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16877"
},
{
"name": "MDKSA-2004:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:087"
},
{
"name": "20040804-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"name": "GLSA-200408-24",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml"
},
{
"name": "oval:org.mitre.oval:def:9965",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9965"
},
{
"name": "CLA-2004:879",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000879"
},
{
"name": "linux-pointer-info-disclosure(16877)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16877"
},
{
"name": "MDKSA-2004:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:087"
},
{
"name": "20040804-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:413",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"name": "GLSA-200408-24",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml"
},
{
"name": "oval:org.mitre.oval:def:9965",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9965"
},
{
"name": "CLA-2004:879",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000879"
},
{
"name": "linux-pointer-info-disclosure(16877)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16877"
},
{
"name": "MDKSA-2004:087",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:087"
},
{
"name": "20040804-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0415",
"datePublished": "2004-08-05T04:00:00",
"dateReserved": "2004-04-16T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0754
Vulnerability from cvelistv5
Published
2005-04-24 04:00
Modified
2024-08-07 21:28
Severity ?
EPSS score ?
Summary
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kde.org/info/security/advisory-20050420-1.txt | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=111419664411051&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/15060 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/13313 | vdb-entry, x_refsource_BID | |
| ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:27.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"name": "20050422 [KDE Security Advisory]: Kommander untrusted code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"name": "15060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15060"
},
{
"name": "13313",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13313"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"name": "20050422 [KDE Security Advisory]: Kommander untrusted code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"name": "15060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15060"
},
{
"name": "13313",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13313"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-0754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.kde.org/info/security/advisory-20050420-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"name": "20050422 [KDE Security Advisory]: Kommander untrusted code execution",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"name": "15060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15060"
},
{
"name": "13313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13313"
},
{
"name": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff",
"refsource": "CONFIRM",
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0754",
"datePublished": "2005-04-24T04:00:00",
"dateReserved": "2005-03-17T00:00:00",
"dateUpdated": "2024-08-07T21:28:27.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2874
Vulnerability from cvelistv5
Published
2007-07-27 21:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/46833 | vdb-entry, x_refsource_OSVDB | |
| http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-0186 | vendor-advisory, x_refsource_FEDORA | |
| http://www.redhat.com/archives/fedora-package-announce/2007-June/msg00032.html | mailing-list, x_refsource_MLIST | |
| http://www.vupen.com/english/advisories/2007/2053 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46833",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/46833"
},
{
"name": "FEDORA-2007-0186",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-0186"
},
{
"name": "[fedora-package-announce] 20070604 [SECURITY] Fedora 7 Update: NetworkManager-0.6.5-3.fc7",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-June/msg00032.html"
},
{
"name": "ADV-2007-2053",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2053"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "46833",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/46833"
},
{
"name": "FEDORA-2007-0186",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-0186"
},
{
"name": "[fedora-package-announce] 20070604 [SECURITY] Fedora 7 Update: NetworkManager-0.6.5-3.fc7",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-June/msg00032.html"
},
{
"name": "ADV-2007-2053",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2053"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-2874",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46833",
"refsource": "OSVDB",
"url": "http://osvdb.org/46833"
},
{
"name": "FEDORA-2007-0186",
"refsource": "FEDORA",
"url": "http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-0186"
},
{
"name": "[fedora-package-announce] 20070604 [SECURITY] Fedora 7 Update: NetworkManager-0.6.5-3.fc7",
"refsource": "MLIST",
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-June/msg00032.html"
},
{
"name": "ADV-2007-2053",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2053"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-2874",
"datePublished": "2007-07-27T21:00:00",
"dateReserved": "2007-05-29T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1352
Vulnerability from cvelistv5
Published
2007-04-06 01:00
Modified
2024-08-07 12:50
Severity ?
EPSS score ?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-1352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"name": "http://support.apple.com/kb/HT3438",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"name": "https://issues.rpath.com/browse/RPL-1213",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-223",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1352",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-03-08T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0595
Vulnerability from cvelistv5
Published
2004-07-16 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2004:847",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "oval:org.mitre.oval:def:10619",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"name": "RHSA-2004:395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "RHSA-2004:392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "php-strip-tag-bypass(16692)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10724",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2004:847",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "oval:org.mitre.oval:def:10619",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"name": "RHSA-2004:395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "RHSA-2004:392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "php-strip-tag-bypass(16692)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10724",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0595",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2004:847",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"name": "20040714 TSSA-2004-013 - php",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"name": "DSA-669",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"name": "oval:org.mitre.oval:def:10619",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"name": "RHSA-2004:395",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"name": "RHSA-2004:405",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"name": "RHSA-2004:392",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"name": "DSA-531",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"name": "SUSE-SA:2004:021",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"name": "MDKSA-2004:068",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"name": "php-strip-tag-bypass(16692)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"name": "RHSA-2005:816",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "SSRT4777",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"name": "20040722 [OpenPKG-SA-2004.034] OpenPKG Security Advisory (php)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"name": "10724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10724"
},
{
"name": "20040713 Advisory 11/2004: PHP memory_limit remote vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"name": "GLSA-200407-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"name": "20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0595",
"datePublished": "2004-07-16T04:00:00",
"dateReserved": "2004-06-23T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3625
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "oval:org.mitre.oval:def:9575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "oval:org.mitre.oval:def:9575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3625",
"datePublished": "2006-01-06T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1270
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2005-013.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18609 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.redhat.com/support/errata/RHSA-2005-053.html | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/50-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | vendor-advisory, x_refsource_GENTOO | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507 | vdb-entry, signature, x_refsource_OVAL | |
| http://tigger.uic.edu/~jlongs2/holes/cups2.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "cups-lppasswd-passwd-modify(18609)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18609"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "oval:org.mitre.oval:def:11507",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "cups-lppasswd-passwd-modify(18609)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18609"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "oval:org.mitre.oval:def:11507",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:013",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "cups-lppasswd-passwd-modify(18609)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18609"
},
{
"name": "MDKSA-2005:008",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "oval:org.mitre.oval:def:11507",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507"
},
{
"name": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt",
"refsource": "MISC",
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1270",
"datePublished": "2004-12-22T05:00:00",
"dateReserved": "2004-12-20T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1333
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.344Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "20041215 fun with linux kernel",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "USN-47-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/47-1/"
},
{
"name": "linux-vcresize-dos(18523)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "SUSE-SA:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "MDKSA-2005:218",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "17826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17826"
},
{
"name": "FLSA:152532",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"name": "MDKSA-2005:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "20041215 fun with linux kernel",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "USN-47-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/47-1/"
},
{
"name": "linux-vcresize-dos(18523)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "SUSE-SA:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "MDKSA-2005:218",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "17826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17826"
},
{
"name": "FLSA:152532",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"name": "MDKSA-2005:219",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "20041215 fun with linux kernel",
"refsource": "FULLDISC",
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "USN-47-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/47-1/"
},
{
"name": "linux-vcresize-dos(18523)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "SUSE-SA:2005:018",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html",
"refsource": "MISC",
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "MDKSA-2005:218",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "17826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17826"
},
{
"name": "FLSA:152532",
"refsource": "FEDORA",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"name": "MDKSA-2005:219",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1333",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-06T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0587
Vulnerability from cvelistv5
Published
2004-06-23 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1010057 | vdb-entry, x_refsource_SECTRACK | |
| http://www.redhat.com/support/errata/RHSA-2004-413.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2004-418.html | vendor-advisory, x_refsource_REDHAT | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.novell.com/linux/security/advisories/2004_10_kernel.html | vendor-advisory, x_refsource_SUSE | |
| http://lwn.net/Articles/91155/ | vendor-advisory, x_refsource_FEDORA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16062 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/10279 | vdb-entry, x_refsource_BID | |
| http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066 | vendor-advisory, x_refsource_MANDRAKE | |
| ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc | vendor-advisory, x_refsource_SGI |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1010057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010057"
},
{
"name": "RHSA-2004:413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"name": "oval:org.mitre.oval:def:9398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
},
{
"name": "SuSE-SA:2004:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"name": "FEDORA-2004-186",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lwn.net/Articles/91155/"
},
{
"name": "suse-hbaapinode-dos(16062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
},
{
"name": "10279",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10279"
},
{
"name": "MDKSA-2004:066",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
},
{
"name": "20040804-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1010057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010057"
},
{
"name": "RHSA-2004:413",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"name": "oval:org.mitre.oval:def:9398",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
},
{
"name": "SuSE-SA:2004:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"name": "FEDORA-2004-186",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lwn.net/Articles/91155/"
},
{
"name": "suse-hbaapinode-dos(16062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
},
{
"name": "10279",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10279"
},
{
"name": "MDKSA-2004:066",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
},
{
"name": "20040804-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1010057",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010057"
},
{
"name": "RHSA-2004:413",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"name": "RHSA-2004:418",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"name": "oval:org.mitre.oval:def:9398",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
},
{
"name": "SuSE-SA:2004:010",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"name": "FEDORA-2004-186",
"refsource": "FEDORA",
"url": "http://lwn.net/Articles/91155/"
},
{
"name": "suse-hbaapinode-dos(16062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
},
{
"name": "10279",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10279"
},
{
"name": "MDKSA-2004:066",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
},
{
"name": "20040804-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0587",
"datePublished": "2004-06-23T04:00:00",
"dateReserved": "2004-06-21T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0109
Vulnerability from cvelistv5
Published
2005-03-08 05:00
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#911878",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/911878"
},
{
"name": "18165",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18165"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754"
},
{
"name": "[freebsd-hackers] 20050304 Re: FW:FreeBSD hiding security stuff",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=freebsd-hackers\u0026m=110994026421858\u0026w=2"
},
{
"name": "SCOSA-2005.24",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt"
},
{
"name": "oval:org.mitre.oval:def:9747",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747"
},
{
"name": "ADV-2005-3002",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3002"
},
{
"name": "15348",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15348"
},
{
"name": "12724",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12724"
},
{
"name": "[freebsd-security] 20050304 [Fwd: Re: FW:FreeBSD hiding security stuff]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=freebsd-security\u0026m=110994370429609\u0026w=2"
},
{
"name": "RHSA-2005:476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
},
{
"name": "1013967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013967"
},
{
"name": "ADV-2005-0540",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/0540"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.daemonology.net/papers/htt.pdf"
},
{
"name": "RHSA-2005:800",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-800.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.daemonology.net/hyperthreading-considered-harmful/"
},
{
"name": "101739",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1"
},
{
"name": "[openbsd-misc] 20050304 Re: FreeBSD hiding security stuff",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=openbsd-misc\u0026m=110995101417256\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#911878",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/911878"
},
{
"name": "18165",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18165"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754"
},
{
"name": "[freebsd-hackers] 20050304 Re: FW:FreeBSD hiding security stuff",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=freebsd-hackers\u0026m=110994026421858\u0026w=2"
},
{
"name": "SCOSA-2005.24",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt"
},
{
"name": "oval:org.mitre.oval:def:9747",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747"
},
{
"name": "ADV-2005-3002",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3002"
},
{
"name": "15348",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15348"
},
{
"name": "12724",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12724"
},
{
"name": "[freebsd-security] 20050304 [Fwd: Re: FW:FreeBSD hiding security stuff]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=freebsd-security\u0026m=110994370429609\u0026w=2"
},
{
"name": "RHSA-2005:476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
},
{
"name": "1013967",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013967"
},
{
"name": "ADV-2005-0540",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/0540"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.daemonology.net/papers/htt.pdf"
},
{
"name": "RHSA-2005:800",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-800.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.daemonology.net/hyperthreading-considered-harmful/"
},
{
"name": "101739",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1"
},
{
"name": "[openbsd-misc] 20050304 Re: FreeBSD hiding security stuff",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=openbsd-misc\u0026m=110995101417256\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#911878",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/911878"
},
{
"name": "18165",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18165"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754",
"refsource": "MISC",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754"
},
{
"name": "[freebsd-hackers] 20050304 Re: FW:FreeBSD hiding security stuff",
"refsource": "MLIST",
"url": "http://marc.info/?l=freebsd-hackers\u0026m=110994026421858\u0026w=2"
},
{
"name": "SCOSA-2005.24",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt"
},
{
"name": "oval:org.mitre.oval:def:9747",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747"
},
{
"name": "ADV-2005-3002",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3002"
},
{
"name": "15348",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15348"
},
{
"name": "12724",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12724"
},
{
"name": "[freebsd-security] 20050304 [Fwd: Re: FW:FreeBSD hiding security stuff]",
"refsource": "MLIST",
"url": "http://marc.info/?l=freebsd-security\u0026m=110994370429609\u0026w=2"
},
{
"name": "RHSA-2005:476",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
},
{
"name": "1013967",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013967"
},
{
"name": "ADV-2005-0540",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0540"
},
{
"name": "http://www.daemonology.net/papers/htt.pdf",
"refsource": "MISC",
"url": "http://www.daemonology.net/papers/htt.pdf"
},
{
"name": "RHSA-2005:800",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-800.html"
},
{
"name": "http://www.daemonology.net/hyperthreading-considered-harmful/",
"refsource": "MISC",
"url": "http://www.daemonology.net/hyperthreading-considered-harmful/"
},
{
"name": "101739",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1"
},
{
"name": "[openbsd-misc] 20050304 Re: FreeBSD hiding security stuff",
"refsource": "MLIST",
"url": "http://marc.info/?l=openbsd-misc\u0026m=110995101417256\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0109",
"datePublished": "2005-03-08T05:00:00",
"dateReserved": "2005-01-18T00:00:00",
"dateUpdated": "2024-08-07T20:57:41.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6235
Vulnerability from cvelistv5
Published
2006-12-07 11:00
Modified
2024-08-07 20:19
Severity ?
EPSS score ?
Summary
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017349",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017349"
},
{
"name": "23269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23269"
},
{
"name": "23303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23303"
},
{
"name": "20061206 rPSA-2006-0227-1 gnupg",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"name": "23255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23255"
},
{
"name": "USN-393-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"name": "23513",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23513"
},
{
"name": "23284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23284"
},
{
"name": "USN-393-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"name": "23245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23245"
},
{
"name": "[gnupg-announce] GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"name": "VU#427009",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"name": "SUSE-SR:2006:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"name": "RHSA-2006:0754",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"name": "DSA-1231",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"name": "20061206 GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"name": "23335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23335"
},
{
"name": "23299",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23299"
},
{
"name": "21462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"name": "2006-0070",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"name": "23329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23329"
},
{
"name": "GLSA-200612-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"name": "23259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23259"
},
{
"name": "MDKSA-2006:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"name": "23290",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23290"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"name": "SUSE-SA:2006:075",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"name": "ADV-2006-4881",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"name": "oval:org.mitre.oval:def:11245",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"name": "23250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23250"
},
{
"name": "20061201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"name": "gnupg-openpgp-code-execution(30711)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"name": "OpenPKG-SA-2006.037",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"name": "24047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24047"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017349",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017349"
},
{
"name": "23269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23269"
},
{
"name": "23303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23303"
},
{
"name": "20061206 rPSA-2006-0227-1 gnupg",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"name": "23255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23255"
},
{
"name": "USN-393-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"name": "23513",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23513"
},
{
"name": "23284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23284"
},
{
"name": "USN-393-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"name": "23245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23245"
},
{
"name": "[gnupg-announce] GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"name": "VU#427009",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"name": "SUSE-SR:2006:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"name": "RHSA-2006:0754",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"name": "DSA-1231",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"name": "20061206 GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"name": "23335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23335"
},
{
"name": "23299",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23299"
},
{
"name": "21462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"name": "2006-0070",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"name": "23329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23329"
},
{
"name": "GLSA-200612-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"name": "23259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23259"
},
{
"name": "MDKSA-2006:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"name": "23290",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23290"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"name": "SUSE-SA:2006:075",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"name": "ADV-2006-4881",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"name": "oval:org.mitre.oval:def:11245",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"name": "23250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23250"
},
{
"name": "20061201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"name": "gnupg-openpgp-code-execution(30711)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"name": "OpenPKG-SA-2006.037",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"name": "24047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24047"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017349",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017349"
},
{
"name": "23269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23269"
},
{
"name": "23303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23303"
},
{
"name": "20061206 rPSA-2006-0227-1 gnupg",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"name": "23255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23255"
},
{
"name": "USN-393-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"name": "23513",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23513"
},
{
"name": "23284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23284"
},
{
"name": "USN-393-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"name": "23245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23245"
},
{
"name": "[gnupg-announce] GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"refsource": "MLIST",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"name": "VU#427009",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"name": "SUSE-SR:2006:028",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"name": "RHSA-2006:0754",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"name": "DSA-1231",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"name": "20061206 GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"name": "23335",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23335"
},
{
"name": "23299",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23299"
},
{
"name": "21462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21462"
},
{
"name": "2006-0070",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"name": "23329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23329"
},
{
"name": "GLSA-200612-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"name": "23259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23259"
},
{
"name": "MDKSA-2006:228",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"name": "23290",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23290"
},
{
"name": "https://issues.rpath.com/browse/RPL-835",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"name": "SUSE-SA:2006:075",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"name": "ADV-2006-4881",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"name": "oval:org.mitre.oval:def:11245",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"name": "23250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23250"
},
{
"name": "20061201-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"name": "gnupg-openpgp-code-execution(30711)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"name": "OpenPKG-SA-2006.037",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"name": "24047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24047"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6235",
"datePublished": "2006-12-07T11:00:00",
"dateReserved": "2006-12-02T00:00:00",
"dateUpdated": "2024-08-07T20:19:35.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0904
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17381 | vdb-entry, x_refsource_XF | |
| http://www.novell.com/linux/security/advisories/2004_36_mozilla.html | vendor-advisory, x_refsource_SUSE | |
| http://marc.info/?l=bugtraq&m=109900315219363&w=2 | vendor-advisory, x_refsource_FEDORA | |
| http://bugzilla.mozilla.org/show_bug.cgi?id=255067 | x_refsource_CONFIRM | |
| http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-200409-26.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/11171 | vdb-entry, x_refsource_BID | |
| http://www.us-cert.gov/cas/techalerts/TA04-261A.html | third-party-advisory, x_refsource_CERT | |
| http://marc.info/?l=bugtraq&m=109698896104418&w=2 | vendor-advisory, x_refsource_HP | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.kb.cert.org/vuls/id/847200 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "mozilla-netscape-bmp-bo(17381)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381"
},
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "11171",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11171"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10952",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952"
},
{
"name": "VU#847200",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/847200"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "mozilla-netscape-bmp-bo(17381)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381"
},
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "11171",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11171"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10952",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952"
},
{
"name": "VU#847200",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/847200"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mozilla-netscape-bmp-bo(17381)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381"
},
{
"name": "SUSE-SA:2004:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "FLSA:2089",
"refsource": "FEDORA",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067"
},
{
"name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "11171",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11171"
},
{
"name": "TA04-261A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:10952",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952"
},
{
"name": "VU#847200",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/847200"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0904",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-23T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1012
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2004/dsa-597 | vendor-advisory, x_refsource_DEBIAN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18199 | vdb-entry, x_refsource_XF | |
| http://security.e-matters.de/advisories/152004.html | x_refsource_MISC | |
| http://asg.web.cmu.edu/cyrus/download/imapd/changes.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:139 | vendor-advisory, x_refsource_MANDRAKE | |
| http://marc.info/?l=bugtraq&m=110123023521619&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/13274/ | third-party-advisory, x_refsource_SECUNIA | |
| http://security.gentoo.org/glsa/glsa-200411-34.xml | vendor-advisory, x_refsource_GENTOO | |
| https://www.ubuntu.com/usn/usn-31-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"name": "cyrus-imap-commands-execute-code(18199)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"name": "USN-31-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command (\"body[p\") that is treated as a different command (\"body.peek\") and causes an index increment error that leads to an out-of-bounds memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"name": "cyrus-imap-commands-execute-code(18199)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"name": "USN-31-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command (\"body[p\") that is treated as a different command (\"body.peek\") and causes an index increment error that leads to an out-of-bounds memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-597",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"name": "cyrus-imap-commands-execute-code(18199)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
},
{
"name": "http://security.e-matters.de/advisories/152004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
"refsource": "CONFIRM",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"refsource": "MLIST",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"name": "USN-31-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1012",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-04T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0736
Vulnerability from cvelistv5
Published
2005-03-13 05:00
Modified
2024-08-07 21:21
Severity ?
EPSS score ?
Summary
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2005-366.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/12763 | vdb-entry, x_refsource_BID | |
| http://linux.bkbits.net:8080/linux-2.6/cset%40422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html%7CChangeSet%40-1d | x_refsource_CONFIRM | |
| http://www.novell.com/linux/security/advisories/2005_18_kernel.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html | mailing-list, x_refsource_FULLDISC | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.redhat.com/support/errata/RHSA-2005-293.html | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/95-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"name": "12763",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12763"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.bkbits.net:8080/linux-2.6/cset%40422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html%7CChangeSet%40-1d"
},
{
"name": "SUSE-SA:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"name": "20050309 overwriting low kernel memory",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html"
},
{
"name": "oval:org.mitre.oval:def:9870",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870"
},
{
"name": "RHSA-2005:293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "USN-95-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/95-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"name": "12763",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12763"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.bkbits.net:8080/linux-2.6/cset%40422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html%7CChangeSet%40-1d"
},
{
"name": "SUSE-SA:2005:018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"name": "20050309 overwriting low kernel memory",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html"
},
{
"name": "oval:org.mitre.oval:def:9870",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870"
},
{
"name": "RHSA-2005:293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "USN-95-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/95-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:366",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"name": "12763",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12763"
},
{
"name": "http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html|ChangeSet@-1d",
"refsource": "CONFIRM",
"url": "http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html|ChangeSet@-1d"
},
{
"name": "SUSE-SA:2005:018",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"name": "20050309 overwriting low kernel memory",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html"
},
{
"name": "oval:org.mitre.oval:def:9870",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870"
},
{
"name": "RHSA-2005:293",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "USN-95-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/95-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0736",
"datePublished": "2005-03-13T05:00:00",
"dateReserved": "2005-03-12T00:00:00",
"dateUpdated": "2024-08-07T21:21:06.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1613
Vulnerability from cvelistv5
Published
2005-02-20 05:00
Modified
2024-08-08 01:00
Severity ?
EPSS score ?
Summary
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=109811406620511&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/11439 | vdb-entry, x_refsource_BID | |
| http://www.redhat.com/support/errata/RHSA-2005-323.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17805 | vdb-entry, x_refsource_XF | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227 | vdb-entry, signature, x_refsource_OVAL | |
| http://securitytracker.com/id?1011810 | vdb-entry, x_refsource_SECTRACK | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html | mailing-list, x_refsource_FULLDISC | |
| http://lcamtuf.coredump.cx/mangleme/gallery/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:36.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041018 Web browsers - a mini-farce",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2"
},
{
"name": "11439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11439"
},
{
"name": "RHSA-2005:323",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "mozilla-html-tags-dos(17805)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805"
},
{
"name": "oval:org.mitre.oval:def:10227",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227"
},
{
"name": "1011810",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011810"
},
{
"name": "20041018 Web browsers - a mini-farce",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lcamtuf.coredump.cx/mangleme/gallery/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041018 Web browsers - a mini-farce",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2"
},
{
"name": "11439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11439"
},
{
"name": "RHSA-2005:323",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "mozilla-html-tags-dos(17805)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805"
},
{
"name": "oval:org.mitre.oval:def:10227",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227"
},
{
"name": "1011810",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011810"
},
{
"name": "20041018 Web browsers - a mini-farce",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lcamtuf.coredump.cx/mangleme/gallery/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041018 Web browsers - a mini-farce",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2"
},
{
"name": "11439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11439"
},
{
"name": "RHSA-2005:323",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"name": "mozilla-html-tags-dos(17805)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805"
},
{
"name": "oval:org.mitre.oval:def:10227",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227"
},
{
"name": "1011810",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011810"
},
{
"name": "20041018 Web browsers - a mini-farce",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html"
},
{
"name": "http://lcamtuf.coredump.cx/mangleme/gallery/",
"refsource": "MISC",
"url": "http://lcamtuf.coredump.cx/mangleme/gallery/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1613",
"datePublished": "2005-02-20T05:00:00",
"dateReserved": "2005-02-20T00:00:00",
"dateUpdated": "2024-08-08T01:00:36.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-7151
Vulnerability from cvelistv5
Published
2007-03-07 20:00
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/2378 | third-party-advisory, x_refsource_SREASON | |
| https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/20434 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/448153/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:39.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2378",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2378"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930"
},
{
"name": "20434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20434"
},
{
"name": "20061010 [Fedora] libtool-ltdl uses relative paths to resolve and load libraries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/448153/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2378",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2378"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930"
},
{
"name": "20434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20434"
},
{
"name": "20061010 [Fedora] libtool-ltdl uses relative paths to resolve and load libraries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/448153/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2378",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2378"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930"
},
{
"name": "20434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20434"
},
{
"name": "20061010 [Fedora] libtool-ltdl uses relative paths to resolve and load libraries",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448153/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-7151",
"datePublished": "2007-03-07T20:00:00",
"dateReserved": "2007-03-07T00:00:00",
"dateUpdated": "2024-08-07T20:57:39.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0827
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vupen.com/english/advisories/2008/0412 | vdb-entry, x_refsource_VUPEN | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.debian.org/security/2004/dsa-547 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2004-494.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2004-480.html | vendor-advisory, x_refsource_REDHAT | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1 | vendor-advisory, x_refsource_SUNALERT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17173 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/28800 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11123",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28800"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11123",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28800"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11123",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28800"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0827",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-02T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1013
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:38
Severity ?
EPSS score ?
Summary
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2004/dsa-597 | vendor-advisory, x_refsource_DEBIAN | |
| http://security.e-matters.de/advisories/152004.html | x_refsource_MISC | |
| http://asg.web.cmu.edu/cyrus/download/imapd/changes.html | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:139 | vendor-advisory, x_refsource_MANDRAKE | |
| http://marc.info/?l=bugtraq&m=110123023521619&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce&msg=143 | mailing-list, x_refsource_MLIST | |
| http://secunia.com/advisories/13274/ | third-party-advisory, x_refsource_SECUNIA | |
| http://security.gentoo.org/glsa/glsa-200411-34.xml | vendor-advisory, x_refsource_GENTOO | |
| https://www.ubuntu.com/usn/usn-31-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:38:59.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"name": "USN-31-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-597",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"name": "USN-31-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-597",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"name": "http://security.e-matters.de/advisories/152004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
"refsource": "CONFIRM",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "MDKSA-2004:139",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"name": "20041122 Advisory 15/2004: Cyrus IMAP Server multiple remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"name": "[cyrus-announce] 20041122 Cyrus IMAPd 2.2.9 Released",
"refsource": "MLIST",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"name": "13274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13274/"
},
{
"name": "GLSA-200411-34",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"name": "USN-31-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1013",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-04T00:00:00",
"dateUpdated": "2024-08-08T00:38:59.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2030
Vulnerability from cvelistv5
Published
2007-04-16 20:00
Modified
2024-08-07 13:23
Severity ?
EPSS score ?
Summary
lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/25519 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/24336 | vdb-entry, x_refsource_BID | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2007:117 | vendor-advisory, x_refsource_MANDRIVA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34063 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/37049 | vdb-entry, x_refsource_OSVDB | |
| https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:49.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25519"
},
{
"name": "24336",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24336"
},
{
"name": "MDKSA-2007:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:117"
},
{
"name": "lha-lharc-symlink(34063)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34063"
},
{
"name": "37049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37049"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25519",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25519"
},
{
"name": "24336",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24336"
},
{
"name": "MDKSA-2007:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:117"
},
{
"name": "lha-lharc-symlink(34063)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34063"
},
{
"name": "37049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37049"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25519",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25519"
},
{
"name": "24336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24336"
},
{
"name": "MDKSA-2007:117",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:117"
},
{
"name": "lha-lharc-symlink(34063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34063"
},
{
"name": "37049",
"refsource": "OSVDB",
"url": "http://osvdb.org/37049"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2030",
"datePublished": "2007-04-16T20:00:00",
"dateReserved": "2007-04-16T00:00:00",
"dateUpdated": "2024-08-07T13:23:49.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0903
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/linux/security/advisories/2004_36_mozilla.html | vendor-advisory, x_refsource_SUSE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17380 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=109900315219363&w=2 | vendor-advisory, x_refsource_FEDORA | |
| http://www.kb.cert.org/vuls/id/414240 | third-party-advisory, x_refsource_CERT-VN | |
| http://bugzilla.mozilla.org/show_bug.cgi?id=257314 | x_refsource_CONFIRM | |
| http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-200409-26.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/11174 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.us-cert.gov/cas/techalerts/TA04-261A.html | third-party-advisory, x_refsource_CERT | |
| http://marc.info/?l=bugtraq&m=109698896104418&w=2 | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "mozilla-netscape-nsvcardobj-bo(17380)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "VU#414240",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/414240"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "11174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11174"
},
{
"name": "oval:org.mitre.oval:def:10873",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "mozilla-netscape-nsvcardobj-bo(17380)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "VU#414240",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/414240"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "11174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11174"
},
{
"name": "oval:org.mitre.oval:def:10873",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2004:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "mozilla-netscape-nsvcardobj-bo(17380)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380"
},
{
"name": "FLSA:2089",
"refsource": "FEDORA",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "VU#414240",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/414240"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314"
},
{
"name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "11174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11174"
},
{
"name": "oval:org.mitre.oval:def:10873",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873"
},
{
"name": "TA04-261A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0903",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-23T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0902
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11201",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201"
},
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "mozilla-nspop3protocol-bo(17379)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005"
},
{
"name": "mozilla-netscape-nonascii-bo(17378)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the \"Send page\" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11201",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201"
},
{
"name": "SUSE-SA:2004:036",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "FLSA:2089",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "mozilla-nspop3protocol-bo(17379)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005"
},
{
"name": "mozilla-netscape-nonascii-bo(17378)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "TA04-261A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the \"Send page\" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11201",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201"
},
{
"name": "SUSE-SA:2004:036",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"name": "FLSA:2089",
"refsource": "FEDORA",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"name": "mozilla-nspop3protocol-bo(17379)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005"
},
{
"name": "mozilla-netscape-nonascii-bo(17378)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378"
},
{
"name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"name": "GLSA-200409-26",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"name": "TA04-261A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"name": "SSRT4826",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0902",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-23T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0085
Vulnerability from cvelistv5
Published
2005-02-15 05:00
Modified
2024-08-07 20:57
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:40.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14795"
},
{
"name": "oval:org.mitre.oval:def:10878",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
},
{
"name": "RHSA-2005:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
},
{
"name": "14255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14255"
},
{
"name": "MDKSA-2005:063",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
},
{
"name": "17415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17415"
},
{
"name": "htdig-config-xss(19223)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
},
{
"name": "14303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14303"
},
{
"name": "14276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14276"
},
{
"name": "12442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12442"
},
{
"name": "GLSA-200502-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
},
{
"name": "DSA-680",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-680"
},
{
"name": "17414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17414"
},
{
"name": "RHSA-2005:090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
},
{
"name": "FLSA-2006:152907",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
},
{
"name": "15007",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15007"
},
{
"name": "1013078",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013078"
},
{
"name": "SCOSA-2005.46",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14795"
},
{
"name": "oval:org.mitre.oval:def:10878",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
},
{
"name": "RHSA-2005:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
},
{
"name": "14255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14255"
},
{
"name": "MDKSA-2005:063",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
},
{
"name": "17415",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17415"
},
{
"name": "htdig-config-xss(19223)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
},
{
"name": "14303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14303"
},
{
"name": "14276",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14276"
},
{
"name": "12442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12442"
},
{
"name": "GLSA-200502-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
},
{
"name": "DSA-680",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-680"
},
{
"name": "17414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17414"
},
{
"name": "RHSA-2005:090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
},
{
"name": "FLSA-2006:152907",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
},
{
"name": "15007",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15007"
},
{
"name": "1013078",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013078"
},
{
"name": "SCOSA-2005.46",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14795"
},
{
"name": "oval:org.mitre.oval:def:10878",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
},
{
"name": "RHSA-2005:073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
},
{
"name": "14255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14255"
},
{
"name": "MDKSA-2005:063",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
},
{
"name": "17415",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17415"
},
{
"name": "htdig-config-xss(19223)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
},
{
"name": "14303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14303"
},
{
"name": "14276",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14276"
},
{
"name": "12442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12442"
},
{
"name": "GLSA-200502-16",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
},
{
"name": "DSA-680",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-680"
},
{
"name": "17414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17414"
},
{
"name": "RHSA-2005:090",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
},
{
"name": "FLSA-2006:152907",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
},
{
"name": "15007",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15007"
},
{
"name": "1013078",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013078"
},
{
"name": "SCOSA-2005.46",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0085",
"datePublished": "2005-02-15T05:00:00",
"dateReserved": "2005-01-18T00:00:00",
"dateUpdated": "2024-08-07T20:57:40.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5701
Vulnerability from cvelistv5
Published
2006-11-03 23:00
Modified
2024-08-07 19:55
Severity ?
EPSS score ?
Summary
Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29967 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/24259 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/23361 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2007:047 | vendor-advisory, x_refsource_MANDRIVA | |
| http://secunia.com/advisories/23384 | third-party-advisory, x_refsource_SECUNIA | |
| http://projects.info-pull.com/mokb/MOKB-02-11-2006.html | x_refsource_MISC | |
| http://www.ubuntu.com/usn/usn-395-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.securityfocus.com/bid/20870 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/22655 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linux-squashfs-doublefree-dos(29967)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29967"
},
{
"name": "24259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24259"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "MDKSA-2007:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:047"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23384"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://projects.info-pull.com/mokb/MOKB-02-11-2006.html"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "20870",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20870"
},
{
"name": "22655",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22655"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linux-squashfs-doublefree-dos(29967)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29967"
},
{
"name": "24259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24259"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "MDKSA-2007:047",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:047"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23384"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://projects.info-pull.com/mokb/MOKB-02-11-2006.html"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "20870",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20870"
},
{
"name": "22655",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22655"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5701",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linux-squashfs-doublefree-dos(29967)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29967"
},
{
"name": "24259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24259"
},
{
"name": "23361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23361"
},
{
"name": "MDKSA-2007:047",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:047"
},
{
"name": "23384",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23384"
},
{
"name": "http://projects.info-pull.com/mokb/MOKB-02-11-2006.html",
"refsource": "MISC",
"url": "http://projects.info-pull.com/mokb/MOKB-02-11-2006.html"
},
{
"name": "USN-395-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "20870",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20870"
},
{
"name": "22655",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22655"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5701",
"datePublished": "2006-11-03T23:00:00",
"dateReserved": "2006-11-03T00:00:00",
"dateUpdated": "2024-08-07T19:55:54.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3624
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3624",
"datePublished": "2006-01-06T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1269
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2005-013.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18608 | vdb-entry, x_refsource_XF | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.redhat.com/support/errata/RHSA-2005-053.html | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/50-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | vendor-advisory, x_refsource_GENTOO | |
| http://tigger.uic.edu/~jlongs2/holes/cups2.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "cups-lppasswd-dos(18608)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18608"
},
{
"name": "oval:org.mitre.oval:def:9545",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "cups-lppasswd-dos(18608)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18608"
},
{
"name": "oval:org.mitre.oval:def:9545",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:013",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "cups-lppasswd-dos(18608)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18608"
},
{
"name": "oval:org.mitre.oval:def:9545",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545"
},
{
"name": "MDKSA-2005:008",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"name": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt",
"refsource": "MISC",
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1269",
"datePublished": "2004-12-22T05:00:00",
"dateReserved": "2004-12-20T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1074
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041216 [USN-39-1] Linux amd64 kernel vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110322596918807\u0026w=2"
},
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "linux-aout-binary-dos(18290)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18290"
},
{
"name": "[linux-kernel] 20041111 a.out issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=110021173607372\u0026w=2"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "2005-0001",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"name": "11754",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11754"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "oval:org.mitre.oval:def:9751",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751"
},
{
"name": "CLA-2005:930",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The binfmt functionality in the Linux kernel, when \"memory overcommit\" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041216 [USN-39-1] Linux amd64 kernel vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110322596918807\u0026w=2"
},
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "linux-aout-binary-dos(18290)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18290"
},
{
"name": "[linux-kernel] 20041111 a.out issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=110021173607372\u0026w=2"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "2005-0001",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"name": "11754",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11754"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "oval:org.mitre.oval:def:9751",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751"
},
{
"name": "CLA-2005:930",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The binfmt functionality in the Linux kernel, when \"memory overcommit\" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041216 [USN-39-1] Linux amd64 kernel vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110322596918807\u0026w=2"
},
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "linux-aout-binary-dos(18290)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18290"
},
{
"name": "[linux-kernel] 20041111 a.out issue",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=110021173607372\u0026w=2"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "2005-0001",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"name": "11754",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11754"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "oval:org.mitre.oval:def:9751",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751"
},
{
"name": "CLA-2005:930",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1074",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-29T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1067
Vulnerability from cvelistv5
Published
2004-12-10 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18333 | vdb-entry, x_refsource_XF | |
| http://asg.web.cmu.edu/cyrus/download/imapd/changes.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/11738 | vdb-entry, x_refsource_BID | |
| https://www.ubuntu.com/usn/usn-37-1/ | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "11738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11738"
},
{
"name": "USN-37-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-37-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "11738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11738"
},
{
"name": "USN-37-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-37-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cyrus-mysaslcanonuser-offbyone-bo(18333)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
},
{
"name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html",
"refsource": "CONFIRM",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"name": "11738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11738"
},
{
"name": "USN-37-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-37-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1067",
"datePublished": "2004-12-10T05:00:00",
"dateReserved": "2004-11-29T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0206
Vulnerability from cvelistv5
Published
2005-02-15 05:00
Modified
2024-08-07 21:05
Severity ?
EPSS score ?
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11107",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"name": "MDKSA-2005:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:034",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "MDKSA-2005:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"name": "MDKSA-2005:043",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"name": "RHSA-2005:213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"name": "MDKSA-2005:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "RHSA-2005:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"name": "MDKSA-2005:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"name": "RHSA-2005:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11107",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"name": "MDKSA-2005:041",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:034",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "MDKSA-2005:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"name": "MDKSA-2005:043",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"name": "RHSA-2005:213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"name": "MDKSA-2005:044",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "xpdf-pdf-bo(17818)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "RHSA-2005:132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"name": "MDKSA-2005:042",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"name": "RHSA-2005:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11107",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"name": "MDKSA-2005:041",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"name": "11501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "RHSA-2005:034",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"name": "MDKSA-2005:056",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"name": "MDKSA-2005:043",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"name": "RHSA-2005:213",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"name": "MDKSA-2005:044",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "xpdf-pdf-bo(17818)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"name": "MDKSA-2005:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "RHSA-2005:132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"name": "MDKSA-2005:042",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"name": "RHSA-2005:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0206",
"datePublished": "2005-02-15T05:00:00",
"dateReserved": "2005-02-01T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0960
Vulnerability from cvelistv5
Published
2004-10-20 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-200409-29.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/11222 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17440 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/541574 | third-party-advisory, x_refsource_CERT-VN | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023 | vdb-entry, signature, x_refsource_OVAL |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200409-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"name": "11222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"name": "freeradius-dos(17440)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"name": "VU#541574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"name": "oval:org.mitre.oval:def:11023",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200409-29",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"name": "11222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"name": "freeradius-dos(17440)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"name": "VU#541574",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"name": "oval:org.mitre.oval:def:11023",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200409-29",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"name": "11222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11222"
},
{
"name": "freeradius-dos(17440)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"name": "VU#541574",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"name": "oval:org.mitre.oval:def:11023",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0960",
"datePublished": "2004-10-20T04:00:00",
"dateReserved": "2004-10-18T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1171
Vulnerability from cvelistv5
Published
2004-12-10 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13486"
},
{
"name": "VU#305294",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"name": "11866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"name": "1012471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012471"
},
{
"name": "P-051",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"name": "13560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13560"
},
{
"name": "kde-smb-password-plaintext(18267)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"name": "MDKSA-2004:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"name": "20041209 KDE Security Advisory: plain text password exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"name": "12248",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12248"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"name": "GLSA-200412-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"name": "13477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13477"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user\u0027s .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13486"
},
{
"name": "VU#305294",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"name": "11866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"name": "1012471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012471"
},
{
"name": "P-051",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"name": "13560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13560"
},
{
"name": "kde-smb-password-plaintext(18267)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"name": "MDKSA-2004:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"name": "20041209 KDE Security Advisory: plain text password exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"name": "12248",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12248"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"name": "GLSA-200412-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"name": "13477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13477"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user\u0027s .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13486"
},
{
"name": "VU#305294",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"name": "11866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11866"
},
{
"name": "1012471",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012471"
},
{
"name": "P-051",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"name": "13560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13560"
},
{
"name": "kde-smb-password-plaintext(18267)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"name": "MDKSA-2004:150",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"name": "20041209 KDE Security Advisory: plain text password exposure",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"name": "12248",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12248"
},
{
"name": "http://www.sec-consult.com/index.php?id=118",
"refsource": "MISC",
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"name": "GLSA-200412-16",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"name": "20041129 Password Disclosure for SMB Shares in KDE\u0027s Konqueror",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"name": "13477",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13477"
},
{
"name": "http://www.kde.org/info/security/advisory-20041209-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1171",
"datePublished": "2004-12-10T05:00:00",
"dateReserved": "2004-12-10T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1235
Vulnerability from cvelistv5
Published
2005-01-20 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "RHSA-2005:017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/7804"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2005:016",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "RHSA-2005:043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
},
{
"name": "2005-0001",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"name": "RHSA-2005:092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "FEDORA-2005-014",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/7805"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "CLA-2005:930",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "12190",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12190"
},
{
"name": "linux-uselib-gain-privileges(18800)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
},
{
"name": "20050107 Linux kernel sys_uselib local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9567",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
},
{
"name": "FEDORA-2005-013",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/7806"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "RHSA-2005:017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.securityfocus.com/advisories/7804"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2005:016",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "RHSA-2005:043",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
},
{
"name": "2005-0001",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"name": "RHSA-2005:092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "FEDORA-2005-014",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/advisories/7805"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "CLA-2005:930",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "12190",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12190"
},
{
"name": "linux-uselib-gain-privileges(18800)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
},
{
"name": "20050107 Linux kernel sys_uselib local root vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9567",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
},
{
"name": "FEDORA-2005-013",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/advisories/7806"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "RHSA-2005:017",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "http://www.securityfocus.com/advisories/7804",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/advisories/7804"
},
{
"name": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt",
"refsource": "MISC",
"url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2005:016",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "RHSA-2005:043",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
},
{
"name": "2005-0001",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"name": "RHSA-2005:092",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "FEDORA-2005-014",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/advisories/7805"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "CLA-2005:930",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"name": "SUSE-SR:2005:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "12190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12190"
},
{
"name": "linux-uselib-gain-privileges(18800)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
},
{
"name": "20050107 Linux kernel sys_uselib local root vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:9567",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
},
{
"name": "FEDORA-2005-013",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/advisories/7806"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1235",
"datePublished": "2005-01-20T05:00:00",
"dateReserved": "2004-12-15T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0234
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015866",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt",
"refsource": "MISC",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0234",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0451
Vulnerability from cvelistv5
Published
2006-02-14 22:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/18960 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/16677 | vdb-entry, x_refsource_BID | |
| http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24794 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18960"
},
{
"name": "16677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16677"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
},
{
"name": "fedora-ber-memory-leak-dos(24794)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "18960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18960"
},
{
"name": "16677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16677"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
},
{
"name": "fedora-ber-memory-leak-dos(24794)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24794"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2006-0451",
"datePublished": "2006-02-14T22:00:00",
"dateReserved": "2006-01-27T00:00:00",
"dateUpdated": "2024-08-07T16:34:14.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0750
Vulnerability from cvelistv5
Published
2005-04-03 05:00
Modified
2024-08-07 21:21
Severity ?
EPSS score ?
Summary
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/19844 | vdb-entry, x_refsource_XF | |
| http://www.redhat.com/support/errata/RHSA-2005-366.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2005-283.html | vendor-advisory, x_refsource_REDHAT | |
| http://marc.info/?l=bugtraq&m=111204562102633&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/12911 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532 | vendor-advisory, x_refsource_FEDORA | |
| http://www.redhat.com/support/errata/RHSA-2005-293.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2005-284.html | vendor-advisory, x_refsource_REDHAT | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kernel-bluezsockcreate-integer-underflow(19844)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844"
},
{
"name": "RHSA-2005:366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"name": "RHSA-2005:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:11719",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719"
},
{
"name": "12911",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12911"
},
{
"name": "FLSA:152532",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"name": "RHSA-2005:293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "RHSA-2005:284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-284.html"
},
{
"name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "kernel-bluezsockcreate-integer-underflow(19844)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844"
},
{
"name": "RHSA-2005:366",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"name": "RHSA-2005:283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:11719",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719"
},
{
"name": "12911",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12911"
},
{
"name": "FLSA:152532",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"name": "RHSA-2005:293",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "RHSA-2005:284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-284.html"
},
{
"name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-0750",
"datePublished": "2005-04-03T05:00:00",
"dateReserved": "2005-03-17T00:00:00",
"dateUpdated": "2024-08-07T21:21:06.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1267
Vulnerability from cvelistv5
Published
2004-12-22 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2005-013.html | vendor-advisory, x_refsource_REDHAT | |
| http://tigger.uic.edu/~jlongs2/holes/cups.txt | x_refsource_MISC | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620 | vdb-entry, signature, x_refsource_OVAL | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18604 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:008 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.redhat.com/support/errata/RHSA-2005-053.html | vendor-advisory, x_refsource_REDHAT | |
| https://usn.ubuntu.com/50-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups.txt"
},
{
"name": "oval:org.mitre.oval:def:10620",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620"
},
{
"name": "cups-parsecommand-hpgl-bo(18604)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18604"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:013",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups.txt"
},
{
"name": "oval:org.mitre.oval:def:10620",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620"
},
{
"name": "cups-parsecommand-hpgl-bo(18604)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18604"
},
{
"name": "MDKSA-2005:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:013",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"name": "http://tigger.uic.edu/~jlongs2/holes/cups.txt",
"refsource": "MISC",
"url": "http://tigger.uic.edu/~jlongs2/holes/cups.txt"
},
{
"name": "oval:org.mitre.oval:def:10620",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620"
},
{
"name": "cups-parsecommand-hpgl-bo(18604)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18604"
},
{
"name": "MDKSA-2005:008",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"name": "RHSA-2005:053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"name": "USN-50-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"name": "GLSA-200412-25",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1267",
"datePublished": "2004-12-22T05:00:00",
"dateReserved": "2004-12-20T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6131
Vulnerability from cvelistv5
Published
2007-11-26 22:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/26617 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/27847 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/42422 | vdb-entry, x_refsource_OSVDB | |
| https://bugzilla.redhat.com/show_bug.cgi?id=383131 | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1019007 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/4024 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26617",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26617"
},
{
"name": "27847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27847"
},
{
"name": "42422",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42422"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=383131"
},
{
"name": "1019007",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019007"
},
{
"name": "ADV-2007-4024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-12-01T10:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "26617",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26617"
},
{
"name": "27847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27847"
},
{
"name": "42422",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42422"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=383131"
},
{
"name": "1019007",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019007"
},
{
"name": "ADV-2007-4024",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-6131",
"datePublished": "2007-11-26T22:00:00",
"dateReserved": "2007-11-26T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3626
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "oval:org.mitre.oval:def:9992",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "xpdf-flatedecode-dos(24026)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "oval:org.mitre.oval:def:9992",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "xpdf-flatedecode-dos(24026)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3626",
"datePublished": "2006-01-06T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1184
Vulnerability from cvelistv5
Published
2005-01-29 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:11.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9658",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
},
{
"name": "FLSA:152892",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
},
{
"name": "12329",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12329"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "MDKSA-2005:033",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
},
{
"name": "USN-68-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/68-1/"
},
{
"name": "1012965",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012965"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "DSA-654",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-654"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "20060526 rPSA-2006-0083-1 enscript",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "RHSA-2005:040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
},
{
"name": "GLSA-200502-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
},
{
"name": "enscript-epsf-command-ececution(19012)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9658",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
},
{
"name": "FLSA:152892",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
},
{
"name": "12329",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12329"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "MDKSA-2005:033",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
},
{
"name": "USN-68-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/68-1/"
},
{
"name": "1012965",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012965"
},
{
"name": "35074",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35074"
},
{
"name": "DSA-654",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-654"
},
{
"name": "APPLE-SA-2009-05-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "20060526 rPSA-2006-0083-1 enscript",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
},
{
"name": "TA09-133A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "RHSA-2005:040",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
},
{
"name": "GLSA-200502-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
},
{
"name": "enscript-epsf-command-ececution(19012)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:9658",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
},
{
"name": "FLSA:152892",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
},
{
"name": "12329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12329"
},
{
"name": "http://support.apple.com/kb/HT3549",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3549"
},
{
"name": "MDKSA-2005:033",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
},
{
"name": "USN-68-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/68-1/"
},
{
"name": "1012965",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012965"
},
{
"name": "35074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35074"
},
{
"name": "DSA-654",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-654"
},
{
"name": "APPLE-SA-2009-05-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"name": "20060526 rPSA-2006-0083-1 enscript",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
},
{
"name": "TA09-133A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"name": "ADV-2009-1297",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"name": "RHSA-2005:040",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
},
{
"name": "GLSA-200502-03",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
},
{
"name": "enscript-epsf-command-ececution(19012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1184",
"datePublished": "2005-01-29T05:00:00",
"dateReserved": "2004-12-13T00:00:00",
"dateUpdated": "2024-08-08T00:46:11.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0883
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "11695",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "oval:org.mitre.oval:def:10330",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10330"
},
{
"name": "linux-smbreceivetrans2-dos(18136)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18136"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "VU#726198",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/726198"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "linux-smbprocreadxdata-dos(18135)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18135"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "linux-smb-response-dos(18134)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18134"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20041118 [USN-30-1] Linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110082989725345\u0026w=2"
},
{
"name": "13232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13232/"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "11695",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "oval:org.mitre.oval:def:10330",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10330"
},
{
"name": "linux-smbreceivetrans2-dos(18136)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18136"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "VU#726198",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/726198"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "linux-smbprocreadxdata-dos(18135)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18135"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "linux-smb-response-dos(18134)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18134"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20041118 [USN-30-1] Linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110082989725345\u0026w=2"
},
{
"name": "13232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13232/"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0883",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "11695",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11695"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "oval:org.mitre.oval:def:10330",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10330"
},
{
"name": "linux-smbreceivetrans2-dos(18136)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18136"
},
{
"name": "http://security.e-matters.de/advisories/142004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "VU#726198",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/726198"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "linux-smbprocreadxdata-dos(18135)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18135"
},
{
"name": "RHSA-2004:505",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "linux-smb-response-dos(18134)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18134"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20041118 [USN-30-1] Linux kernel vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110082989725345\u0026w=2"
},
{
"name": "13232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13232/"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0883",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0974
Vulnerability from cvelistv5
Published
2004-10-20 04:00
Modified
2024-08-08 00:38
Severity ?
EPSS score ?
Summary
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 | vdb-entry, x_refsource_XF | |
| http://www.trustix.org/errata/2004/0050 | vendor-advisory, x_refsource_TRUSTIX | |
| http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:38:59.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "script-temporary-file-overwrite(17583)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"name": "2004-0050",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"name": "GLSA-200410-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "script-temporary-file-overwrite(17583)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"name": "2004-0050",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"name": "GLSA-200410-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "script-temporary-file-overwrite(17583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"name": "2004-0050",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"name": "GLSA-200410-25",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0974",
"datePublished": "2004-10-20T04:00:00",
"dateReserved": "2004-10-19T00:00:00",
"dateUpdated": "2024-08-08T00:38:59.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1158
Vulnerability from cvelistv5
Published
2004-12-10 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13486"
},
{
"name": "oval:org.mitre.oval:def:11056",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11056"
},
{
"name": "13254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13254"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"name": "13560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041213-1.txt"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "RHSA-2005:009",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
},
{
"name": "20041213 KDE Security Advisory: Konqueror Window Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110296048613575\u0026w=2"
},
{
"name": "13477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13477"
},
{
"name": "11853",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11853"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the \"window injection\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13486",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13486"
},
{
"name": "oval:org.mitre.oval:def:11056",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11056"
},
{
"name": "13254",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13254"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"name": "13560",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041213-1.txt"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "RHSA-2005:009",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
},
{
"name": "20041213 KDE Security Advisory: Konqueror Window Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110296048613575\u0026w=2"
},
{
"name": "13477",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13477"
},
{
"name": "11853",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11853"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the \"window injection\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13486"
},
{
"name": "oval:org.mitre.oval:def:11056",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11056"
},
{
"name": "13254",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13254"
},
{
"name": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/",
"refsource": "MISC",
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"name": "13560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13560"
},
{
"name": "http://secunia.com/secunia_research/2004-13/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"name": "http://www.kde.org/info/security/advisory-20041213-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041213-1.txt"
},
{
"name": "SUSE-SR:2005:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "RHSA-2005:009",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
},
{
"name": "20041213 KDE Security Advisory: Konqueror Window Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110296048613575\u0026w=2"
},
{
"name": "13477",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13477"
},
{
"name": "11853",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11853"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1158",
"datePublished": "2004-12-10T05:00:00",
"dateReserved": "2004-12-08T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0605
Vulnerability from cvelistv5
Published
2005-03-04 05:00
Modified
2024-08-07 21:21
Severity ?
EPSS score ?
Summary
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
},
{
"name": "RHSA-2005:412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
},
{
"name": "1013339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013339"
},
{
"name": "18049",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18049"
},
{
"name": "20060403-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
},
{
"name": "SCOSA-2006.5",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
},
{
"name": "GLSA-200503-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
},
{
"name": "DSA-723",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-723"
},
{
"name": "19624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19624"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "18316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18316"
},
{
"name": "14460",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14460"
},
{
"name": "RHSA-2005:198",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
},
{
"name": "FLSA-2006:152803",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"name": "RHSA-2005:044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
},
{
"name": "GLSA-200503-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
},
{
"name": "12714",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12714"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
},
{
"name": "RHSA-2005:473",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "SCOSA-2005.57",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
},
{
"name": "USN-97-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/97-1/"
},
{
"name": "oval:org.mitre.oval:def:10411",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
},
{
"name": "USN-92-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/92-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:331",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
},
{
"name": "RHSA-2005:412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
},
{
"name": "1013339",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013339"
},
{
"name": "18049",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18049"
},
{
"name": "20060403-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
},
{
"name": "SCOSA-2006.5",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
},
{
"name": "GLSA-200503-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
},
{
"name": "DSA-723",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-723"
},
{
"name": "19624",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19624"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
},
{
"name": "APPLE-SA-2005-08-15",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "18316",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18316"
},
{
"name": "14460",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14460"
},
{
"name": "RHSA-2005:198",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
},
{
"name": "FLSA-2006:152803",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"name": "RHSA-2005:044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
},
{
"name": "GLSA-200503-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
},
{
"name": "12714",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12714"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
},
{
"name": "RHSA-2005:473",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
},
{
"name": "APPLE-SA-2005-08-17",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "SCOSA-2005.57",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
},
{
"name": "USN-97-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/97-1/"
},
{
"name": "oval:org.mitre.oval:def:10411",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
},
{
"name": "USN-92-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/92-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:331",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
},
{
"name": "RHSA-2005:412",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
},
{
"name": "1013339",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013339"
},
{
"name": "18049",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18049"
},
{
"name": "20060403-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
},
{
"name": "SCOSA-2006.5",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=83598",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
},
{
"name": "GLSA-200503-15",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
},
{
"name": "DSA-723",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-723"
},
{
"name": "19624",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19624"
},
{
"name": "https://bugs.freedesktop.org/attachment.cgi?id=1909",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
},
{
"name": "APPLE-SA-2005-08-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"name": "18316",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18316"
},
{
"name": "14460",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14460"
},
{
"name": "RHSA-2005:198",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
},
{
"name": "FLSA-2006:152803",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"name": "RHSA-2005:044",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
},
{
"name": "GLSA-200503-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
},
{
"name": "12714",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12714"
},
{
"name": "RHSA-2008:0261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=83655",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
},
{
"name": "RHSA-2005:473",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
},
{
"name": "APPLE-SA-2005-08-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"name": "SCOSA-2005.57",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
},
{
"name": "USN-97-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/97-1/"
},
{
"name": "oval:org.mitre.oval:def:10411",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
},
{
"name": "USN-92-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/92-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0605",
"datePublished": "2005-03-04T05:00:00",
"dateReserved": "2005-03-01T00:00:00",
"dateUpdated": "2024-08-07T21:21:06.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0667
Vulnerability from cvelistv5
Published
2005-03-07 05:00
Modified
2024-08-07 21:21
Severity ?
EPSS score ?
Summary
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://sylpheed.good-day.net/changelog-devel.html.en | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1013376 | vdb-entry, x_refsource_SECTRACK | |
| http://www.redhat.com/support/errata/RHSA-2005-303.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.gentoo.org/security/en/glsa/glsa-200503-26.xml | vendor-advisory, x_refsource_GENTOO | |
| http://sylpheed.good-day.net/changelog.html.en | x_refsource_CONFIRM | |
| http://secunia.com/advisories/14491 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:21:06.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sylpheed.good-day.net/changelog-devel.html.en"
},
{
"name": "1013376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013376"
},
{
"name": "RHSA-2005:303",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-303.html"
},
{
"name": "GLSA-200503-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-26.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sylpheed.good-day.net/changelog.html.en"
},
{
"name": "14491",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14491"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sylpheed.good-day.net/changelog-devel.html.en"
},
{
"name": "1013376",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013376"
},
{
"name": "RHSA-2005:303",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-303.html"
},
{
"name": "GLSA-200503-26",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-26.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sylpheed.good-day.net/changelog.html.en"
},
{
"name": "14491",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14491"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sylpheed.good-day.net/changelog-devel.html.en",
"refsource": "CONFIRM",
"url": "http://sylpheed.good-day.net/changelog-devel.html.en"
},
{
"name": "1013376",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013376"
},
{
"name": "RHSA-2005:303",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-303.html"
},
{
"name": "GLSA-200503-26",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-26.xml"
},
{
"name": "http://sylpheed.good-day.net/changelog.html.en",
"refsource": "CONFIRM",
"url": "http://sylpheed.good-day.net/changelog.html.en"
},
{
"name": "14491",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14491"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0667",
"datePublished": "2005-03-07T05:00:00",
"dateReserved": "2005-03-07T00:00:00",
"dateUpdated": "2024-08-07T21:21:06.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0803
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200410-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "oval:org.mitre.oval:def:100114",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "20041013 CESA-2004-006: libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:8896",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "libtiff-library-decoding-bo(17703)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "VU#948752",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200410-11",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"name": "RHSA-2004:577",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "oval:org.mitre.oval:def:100114",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"name": "RHSA-2005:021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "20041013 CESA-2004-006: libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:8896",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"name": "201072",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "101677",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"name": "CLA-2004:888",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12818"
},
{
"name": "libtiff-library-decoding-bo(17703)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"name": "11406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "DSA-567",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "VU#948752",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200410-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"name": "RHSA-2004:577",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"name": "MDKSA-2004:109",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"name": "oval:org.mitre.oval:def:100114",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"name": "RHSA-2005:021",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"name": "20041013 CESA-2004-006: libtiff",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:8896",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"name": "201072",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"name": "101677",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"name": "SUSE-SA:2004:038",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"name": "http://scary.beasts.org/security/CESA-2004-006.txt",
"refsource": "MISC",
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"name": "CLA-2004:888",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"name": "MDKSA-2005:052",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"name": "http://www.kde.org/info/security/advisory-20041209-2.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"name": "RHSA-2005:354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"name": "12818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12818"
},
{
"name": "libtiff-library-decoding-bo(17703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"name": "11406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"name": "DSA-567",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"name": "VU#948752",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/948752"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0803",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0998
Vulnerability from cvelistv5
Published
2007-03-20 10:00
Modified
2024-08-07 12:43
Severity ?
EPSS score ?
Summary
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:21.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fedora-xen-qemuvnc-information-disclosure(33085)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "22967",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22967"
},
{
"name": "ADV-2007-1021",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"name": "ADV-2007-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"name": "RHSA-2007:0114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"name": "34304",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34304"
},
{
"name": "ADV-2007-1020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"name": "oval:org.mitre.oval:def:10486",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "FEDORA-2007-344",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2802"
},
{
"name": "SUSE-SU-2014:0446",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "FEDORA-2007-343",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2803"
},
{
"name": "24575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24575"
},
{
"name": "1017764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017764"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "fedora-xen-qemuvnc-information-disclosure(33085)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"name": "51413",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51413"
},
{
"name": "22967",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22967"
},
{
"name": "ADV-2007-1021",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"name": "ADV-2007-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"name": "RHSA-2007:0114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"name": "34304",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34304"
},
{
"name": "ADV-2007-1020",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"name": "oval:org.mitre.oval:def:10486",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"name": "openSUSE-SU-2012:1572",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "FEDORA-2007-344",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2802"
},
{
"name": "SUSE-SU-2014:0446",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "FEDORA-2007-343",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2803"
},
{
"name": "24575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24575"
},
{
"name": "1017764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017764"
},
{
"name": "openSUSE-SU-2012:1573",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-0998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fedora-xen-qemuvnc-information-disclosure(33085)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"name": "51413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51413"
},
{
"name": "22967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22967"
},
{
"name": "ADV-2007-1021",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"name": "ADV-2007-1019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"name": "RHSA-2007:0114",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"name": "34304",
"refsource": "OSVDB",
"url": "http://osvdb.org/34304"
},
{
"name": "ADV-2007-1020",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"name": "oval:org.mitre.oval:def:10486",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"name": "openSUSE-SU-2012:1572",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "FEDORA-2007-344",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2802"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "FEDORA-2007-343",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2803"
},
{
"name": "24575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24575"
},
{
"name": "1017764",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017764"
},
{
"name": "openSUSE-SU-2012:1573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-0998",
"datePublished": "2007-03-20T10:00:00",
"dateReserved": "2007-02-16T00:00:00",
"dateUpdated": "2024-08-07T12:43:21.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0235
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2004:840",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0235",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0949
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "11695",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "oval:org.mitre.oval:def:10360",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10360"
},
{
"name": "USN-30-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-30-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-smbrecvtrans2-memory-leak(18137)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18137"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "2004-0061",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2004/0061/"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "13232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13232/"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "11695",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "oval:org.mitre.oval:def:10360",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10360"
},
{
"name": "USN-30-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-30-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-smbrecvtrans2-memory-leak(18137)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18137"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "2004-0061",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2004/0061/"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "13232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13232/"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0949",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "11695",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11695"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "20041117 Advisory 14/2004: Linux 2.x smbfs multiple remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "oval:org.mitre.oval:def:10360",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10360"
},
{
"name": "USN-30-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-30-1/"
},
{
"name": "http://security.e-matters.de/advisories/142004.html",
"refsource": "MISC",
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-smbrecvtrans2-memory-leak(18137)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18137"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "2004-0061",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2004/0061/"
},
{
"name": "RHSA-2004:505",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "13232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13232/"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0949",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-10-12T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0889
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/11501 | vdb-entry, x_refsource_BID | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:113 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17819 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=109880927526773&w=2 | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "xpdf-pdf-file-bo(17819)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11501",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "MDKSA-2004:113",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "GLSA-200410-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "xpdf-pdf-file-bo(17819)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"name": "SUSE-SA:2004:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"name": "MDKSA-2004:113",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"name": "GLSA-200410-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"name": "GLSA-200410-30",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"name": "xpdf-pdf-file-bo(17819)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"name": "SUSE-SA:2004:039",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0889",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0156
Vulnerability from cvelistv5
Published
2005-02-07 05:00
Modified
2024-08-07 21:05
Severity ?
EPSS score ?
Summary
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:24.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050207 DMA[2005-0131b] - \u0027Setuid Perl PERLIO_DEBUG",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt"
},
{
"name": "12426",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12426"
},
{
"name": "RHSA-2005:105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-105.html"
},
{
"name": "14120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14120"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "RHSA-2005:103",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-103.html"
},
{
"name": "oval:org.mitre.oval:def:10803",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803"
},
{
"name": "55314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55314"
},
{
"name": "20050202 [USN-72-1] Perl vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2"
},
{
"name": "CLSA-2006:1056",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056"
},
{
"name": "FLSA-2006:152845",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"name": "MDKSA-2005:031",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031"
},
{
"name": "perl-perliodebug-bo(19208)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208"
},
{
"name": "GLSA-200502-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050207 DMA[2005-0131b] - \u0027Setuid Perl PERLIO_DEBUG",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt"
},
{
"name": "12426",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12426"
},
{
"name": "RHSA-2005:105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-105.html"
},
{
"name": "14120",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14120"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "RHSA-2005:103",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-103.html"
},
{
"name": "oval:org.mitre.oval:def:10803",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803"
},
{
"name": "55314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55314"
},
{
"name": "20050202 [USN-72-1] Perl vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2"
},
{
"name": "CLSA-2006:1056",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056"
},
{
"name": "FLSA-2006:152845",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"name": "MDKSA-2005:031",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031"
},
{
"name": "perl-perliodebug-bo(19208)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208"
},
{
"name": "GLSA-200502-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050207 DMA[2005-0131b] - \u0027Setuid Perl PERLIO_DEBUG",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2"
},
{
"name": "http://www.digitalmunition.com/DMA[2005-0131b].txt",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/DMA[2005-0131b].txt"
},
{
"name": "12426",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12426"
},
{
"name": "RHSA-2005:105",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-105.html"
},
{
"name": "14120",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14120"
},
{
"name": "2005-0003",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "RHSA-2005:103",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-103.html"
},
{
"name": "oval:org.mitre.oval:def:10803",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803"
},
{
"name": "55314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55314"
},
{
"name": "20050202 [USN-72-1] Perl vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2"
},
{
"name": "CLSA-2006:1056",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056"
},
{
"name": "FLSA-2006:152845",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"name": "MDKSA-2005:031",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031"
},
{
"name": "perl-perliodebug-bo(19208)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208"
},
{
"name": "GLSA-200502-13",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0156",
"datePublished": "2005-02-07T05:00:00",
"dateReserved": "2005-01-27T00:00:00",
"dateUpdated": "2024-08-07T21:05:24.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0930
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-22-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-22-1/"
},
{
"name": "samba-msfnmatch-dos(17987)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17987"
},
{
"name": "MDKSA-2004:131",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:131"
},
{
"name": "CLA-2004:899",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"name": "20041108 Samba SMBD Remote Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=156\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "101783",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1"
},
{
"name": "OpenPKG-SA-2004.054",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"name": "APPLE-SA-2005-03-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "GLSA-200411-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml"
},
{
"name": "11624",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11624"
},
{
"name": "20041201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"name": "SUSE-SA:2004:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"name": "oval:org.mitre.oval:def:10936",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936"
},
{
"name": "SCOSA-2005.17",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"name": "20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109993720717957\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-22-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-22-1/"
},
{
"name": "samba-msfnmatch-dos(17987)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17987"
},
{
"name": "MDKSA-2004:131",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:131"
},
{
"name": "CLA-2004:899",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"name": "20041108 Samba SMBD Remote Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=156\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "101783",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1"
},
{
"name": "OpenPKG-SA-2004.054",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"name": "APPLE-SA-2005-03-21",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "GLSA-200411-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml"
},
{
"name": "11624",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11624"
},
{
"name": "20041201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"name": "SUSE-SA:2004:040",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"name": "oval:org.mitre.oval:def:10936",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936"
},
{
"name": "SCOSA-2005.17",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"name": "20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109993720717957\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-22-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-22-1/"
},
{
"name": "samba-msfnmatch-dos(17987)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17987"
},
{
"name": "MDKSA-2004:131",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:131"
},
{
"name": "CLA-2004:899",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"name": "20041108 Samba SMBD Remote Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=156\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"name": "101783",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1"
},
{
"name": "OpenPKG-SA-2004.054",
"refsource": "OPENPKG",
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"name": "APPLE-SA-2005-03-21",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"name": "GLSA-200411-21",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml"
},
{
"name": "11624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11624"
},
{
"name": "20041201-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"name": "SUSE-SA:2004:040",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"name": "oval:org.mitre.oval:def:10936",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936"
},
{
"name": "SCOSA-2005.17",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"name": "20041108 [SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109993720717957\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0930",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-04T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3630
Vulnerability from cvelistv5
Published
2006-02-24 00:00
Modified
2024-09-17 01:21
Severity ?
EPSS score ?
Summary
Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
References
| ▼ | URL | Tags |
|---|---|---|
| http://directory.fedora.redhat.com/wiki/FDS10Announcement | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/16729 | vdb-entry, x_refsource_BID | |
| https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994 | x_refsource_MISC | |
| https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/18939 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.700Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://directory.fedora.redhat.com/wiki/FDS10Announcement"
},
{
"name": "16729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16729"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837"
},
{
"name": "18939",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18939"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders \"allow\" directives before \"deny\" directives."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-02-24T00:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://directory.fedora.redhat.com/wiki/FDS10Announcement"
},
{
"name": "16729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16729"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837"
},
{
"name": "18939",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18939"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-3630",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders \"allow\" directives before \"deny\" directives."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://directory.fedora.redhat.com/wiki/FDS10Announcement",
"refsource": "CONFIRM",
"url": "http://directory.fedora.redhat.com/wiki/FDS10Announcement"
},
{
"name": "16729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16729"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837"
},
{
"name": "18939",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18939"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3630",
"datePublished": "2006-02-24T00:00:00Z",
"dateReserved": "2005-11-16T00:00:00Z",
"dateUpdated": "2024-09-17T01:21:04.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0802
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
References
| ▼ | URL | Tags |
|---|---|---|
| http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup | x_refsource_MISC | |
| http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 | vendor-advisory, x_refsource_CONECTIVA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17183 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/11084 | vdb-entry, x_refsource_BID | |
| http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"name": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html",
"refsource": "CONFIRM",
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0802",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0914
Vulnerability from cvelistv5
Published
2004-12-15 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-004.html"
},
{
"name": "libxpm-directory-traversal(18146)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18146"
},
{
"name": "USN-83-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-83-1"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-537.html"
},
{
"name": "libxpm-image-bo(18142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18142"
},
{
"name": "13224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13224/"
},
{
"name": "oval:org.mitre.oval:def:9943",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943"
},
{
"name": "FEDORA-2004-433",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/content/view/106877/102/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch"
},
{
"name": "RHSA-2004:610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-610.html"
},
{
"name": "libxpm-improper-memory-access(18144)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18144"
},
{
"name": "GLSA-200502-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml"
},
{
"name": "FLSA-2006:152803",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"name": "DSA-607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-607"
},
{
"name": "11694",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11694"
},
{
"name": "GLSA-200502-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml"
},
{
"name": "USN-83-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-83-2"
},
{
"name": "HPSBTU01228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228"
},
{
"name": "MDKSA-2004:137",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:137"
},
{
"name": "GLSA-200411-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml"
},
{
"name": "libxpm-dos(18147)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18147"
},
{
"name": "libxpm-command-execution(18145)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18145"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE\u0027s content decisions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-004.html"
},
{
"name": "libxpm-directory-traversal(18146)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18146"
},
{
"name": "USN-83-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-83-1"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2004-537.html"
},
{
"name": "libxpm-image-bo(18142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18142"
},
{
"name": "13224",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13224/"
},
{
"name": "oval:org.mitre.oval:def:9943",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943"
},
{
"name": "FEDORA-2004-433",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.linuxsecurity.com/content/view/106877/102/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch"
},
{
"name": "RHSA-2004:610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-610.html"
},
{
"name": "libxpm-improper-memory-access(18144)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18144"
},
{
"name": "GLSA-200502-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml"
},
{
"name": "FLSA-2006:152803",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"name": "DSA-607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-607"
},
{
"name": "11694",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11694"
},
{
"name": "GLSA-200502-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml"
},
{
"name": "USN-83-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-83-2"
},
{
"name": "HPSBTU01228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228"
},
{
"name": "MDKSA-2004:137",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:137"
},
{
"name": "GLSA-200411-28",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml"
},
{
"name": "libxpm-dos(18147)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18147"
},
{
"name": "libxpm-command-execution(18145)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18145"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE\u0027s content decisions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:004",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-004.html"
},
{
"name": "libxpm-directory-traversal(18146)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18146"
},
{
"name": "USN-83-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-83-1"
},
{
"name": "RHSA-2004:537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2004-537.html"
},
{
"name": "libxpm-image-bo(18142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18142"
},
{
"name": "13224",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13224/"
},
{
"name": "oval:org.mitre.oval:def:9943",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943"
},
{
"name": "FEDORA-2004-433",
"refsource": "FEDORA",
"url": "http://www.linuxsecurity.com/content/view/106877/102/"
},
{
"name": "http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch",
"refsource": "CONFIRM",
"url": "http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch"
},
{
"name": "RHSA-2004:610",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-610.html"
},
{
"name": "libxpm-improper-memory-access(18144)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18144"
},
{
"name": "GLSA-200502-07",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml"
},
{
"name": "FLSA-2006:152803",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"name": "DSA-607",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-607"
},
{
"name": "11694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11694"
},
{
"name": "GLSA-200502-06",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml"
},
{
"name": "USN-83-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-83-2"
},
{
"name": "HPSBTU01228",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228"
},
{
"name": "MDKSA-2004:137",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:137"
},
{
"name": "GLSA-200411-28",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml"
},
{
"name": "libxpm-dos(18147)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18147"
},
{
"name": "libxpm-command-execution(18145)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18145"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0914",
"datePublished": "2004-12-15T05:00:00",
"dateReserved": "2004-09-27T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0817
Vulnerability from cvelistv5
Published
2004-09-17 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2004-465.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2004/dsa-548 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:089 | vendor-advisory, x_refsource_MANDRAKE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17182 | vdb-entry, x_refsource_XF | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.securityfocus.com/bid/11084 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:465",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0817",
"datePublished": "2004-09-17T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1335
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
EPSS score ?
Summary
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "20041215 fun with linux kernel",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "20041215 [USN-47-1] Linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "oval:org.mitre.oval:def:11085",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085"
},
{
"name": "RHSA-2005:017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2005:016",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "linux-ipoptionsget-memory-leak(18524)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "20041215 fun with linux kernel",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "20041215 [USN-47-1] Linux kernel vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "oval:org.mitre.oval:def:11085",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085"
},
{
"name": "RHSA-2005:017",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2005:016",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "linux-ipoptionsget-memory-leak(18524)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "20041215 fun with linux kernel",
"refsource": "FULLDISC",
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"name": "20041215 [USN-47-1] Linux kernel vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "oval:org.mitre.oval:def:11085",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085"
},
{
"name": "RHSA-2005:017",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2005:016",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"name": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html",
"refsource": "MISC",
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"name": "11956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11956"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "linux-ipoptionsget-memory-leak(18524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1335",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-06T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1072
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "oval:org.mitre.oval:def:11195",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "RHSA-2005:275",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-275.html"
},
{
"name": "19607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20163",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20163"
},
{
"name": "oval:org.mitre.oval:def:11195",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195"
},
{
"name": "DSA-1082",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "RHSA-2005:275",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-275.html"
},
{
"name": "19607",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "DSA-1067",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20163"
},
{
"name": "oval:org.mitre.oval:def:11195",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195"
},
{
"name": "DSA-1082",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"name": "MDKSA-2005:022",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"name": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt",
"refsource": "MISC",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"name": "FLSA:2336",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"name": "RHSA-2005:275",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-275.html"
},
{
"name": "19607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19607"
},
{
"name": "DSA-1070",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"name": "RHSA-2004:537",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"name": "20162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20162"
},
{
"name": "linux-elf-setuid-gain-privileges(18025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"name": "DSA-1067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"name": "11646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"name": "DSA-1069",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"name": "20060402-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"name": "RHSA-2004:505",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "RHSA-2004:504",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1072",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-29T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
"matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) \"..\" (punto punto) o (2) rutas absolutas con barra inicial doble (\"//ruta/absoluta\")."
}
],
"id": "CVE-2004-0235",
"lastModified": "2024-11-20T23:48:04.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-18 04:00
Modified
2024-11-20 23:51
Severity ?
Summary
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | 1.0 | |
| mozilla | mozilla | 1.0 | |
| mozilla | mozilla | 1.0 | |
| mozilla | mozilla | 1.0.1 | |
| mozilla | mozilla | 1.0.2 | |
| mozilla | mozilla | 1.1 | |
| mozilla | mozilla | 1.1 | |
| mozilla | mozilla | 1.1 | |
| mozilla | mozilla | 1.2 | |
| mozilla | mozilla | 1.2 | |
| mozilla | mozilla | 1.2 | |
| mozilla | mozilla | 1.2.1 | |
| mozilla | mozilla | 1.3 | |
| mozilla | mozilla | 1.3.1 | |
| mozilla | mozilla | 1.4 | |
| mozilla | mozilla | 1.4 | |
| mozilla | mozilla | 1.4 | |
| mozilla | mozilla | 1.4.1 | |
| mozilla | mozilla | 1.4.2 | |
| mozilla | mozilla | 1.4.4 | |
| mozilla | mozilla | 1.5 | |
| mozilla | mozilla | 1.6 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7.1 | |
| mozilla | mozilla | 1.7.2 | |
| mozilla | mozilla | 1.7.3 | |
| mozilla | mozilla | 1.8 | |
| sgi | propack | 3.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_1.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 9.0 | |
| redhat | linux_advanced_workstation | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDAEAE6-BA9F-4D40-B264-4A72930239E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A76ACC55-754D-4501-8312-5A4E10D053B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8987151-0901-4547-B750-5DC470BB9CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "53E60BCC-6D1C-489E-9F3B-9BE42B46704F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66A87ED8-9E1F-4C2C-B806-A41765081C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C795D86F-9B08-41FE-B82B-5BBB3DE6357D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "2637D552-4A3D-4867-B52A-ACCED8681AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC237C8-CFE0-4128-B549-93CD16894E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:*",
"matchCriteriaId": "6B8EA79A-8426-44CF-AF13-58F7EF8B6D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "367A5D46-0FF3-4140-9478-251363822E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA58EE9-05C7-4395-A8A4-5F54BE4C5DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DE4889-424F-4A44-8C14-9F18821CE961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3F91A1-7DD9-4146-8BA4-BE594C66DD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "1003D688-3EEA-45F9-BB2C-5BAB395D7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED69BEB9-8D83-415B-826D-9D17FB67976B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE678D7-812D-4C55-91B0-F3AC6BE0CD58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "098458D4-635B-4A4D-9472-39370094E1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BCDB64E5-AE26-43DF-8A66-654D5D22A635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF63077-4E98-497D-8CE6-B84B022DB21D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C883B45F-D28D-428E-AAF7-F93522A229DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.8:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "10349BA5-70D3-4D11-94F6-A77D8570CB06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme."
}
],
"id": "CVE-2004-1613",
"lastModified": "2024-11-20T23:51:19.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lcamtuf.coredump.cx/mangleme/gallery/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1011810"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11439"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lcamtuf.coredump.cx/mangleme/gallery/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1011810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-323.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-02 05:00
Modified
2024-11-20 23:55
Severity ?
Summary
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*",
"matchCriteriaId": "63A4B331-2868-46E3-9734-DC3AEFD2F756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76FFBC43-2178-48DF-B61E-CCBA4682AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8F506308-E878-4AA5-B5D5-A7E148D63947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D129D08C-AF18-4F9D-9781-64B8C1CFD65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE887A26-0590-40DE-ACE2-28A30E5228AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23FF2D1C-D328-49BE-87CF-938FB533180B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BEECB0ED-A5C9-4675-9CEB-AD6C19EDA7D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B43D5F86-97B2-4175-8ED7-1F937850F9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0946A224-6A0C-4DE3-89F9-200682431737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F33E5444-E178-4F49-BDA1-DE576D8526EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BCC09AA-AB01-4583-8052-66DBF0E1861D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E49FAA6-E146-4AD5-845E-9445C7D9F088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "43425C85-806B-4823-AD74-D0A0465FC8DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90FA67D9-8296-4534-8354-51B830DE3499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8A000C67-7EA3-47A7-9068-1C8744C182D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "25EDDB93-DD20-4DBE-962B-6334D5A7CB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC4F566-5D54-4364-B5AA-F846A0C8FCEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9D1BD9-4300-43B5-A87B-E2BF74E55C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*",
"matchCriteriaId": "F4B7E143-E24B-40D2-897B-6D516566B7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "837EBF15-6C7D-46B8-8A90-9DFBF2C09FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E859A205-0DC2-4E28-8FF0-72D66DE9B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F18E8C7B-53AC-4BC7-9E00-A70293172B58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*",
"matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*",
"matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "F1D16230-3699-4AAA-9CAE-5CAF34628885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
"matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
"matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
}
],
"id": "CVE-2005-0605",
"lastModified": "2024-11-20T23:55:30.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14460"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18049"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18316"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19624"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013339"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-723"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12714"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/92-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/97-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/92-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/97-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-10-07 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cyrus:sasl:1.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B837A3-E1D7-469D-9A2C-1648DB869524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:1.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5319DC-7C56-4661-83A6-6F226DD6804F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:1.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "6BFA8CBB-D990-489B-BBA1-72392B45511F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABBB175-E5D7-4270-A599-666233B6420B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A8765C3F-45F4-403A-900C-EDC95476A5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1BAE912B-3905-40D2-A2A3-34A87B743244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0B860C12-E0C6-4365-8199-BDCA7303B549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D836C743-2957-4FE7-A396-E68466B29266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "26AC8F82-1FE2-418E-A90B-3011C31274E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D75CC348-B708-4B44-80AE-98C10B498876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBB6270-112B-4BC2-A72F-1FD44C7E6DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E35EEADE-B717-4851-8D45-60E0F8800E8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "798B1672-529E-4D61-9CE6-A3C362AA3FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cyrus:sasl:2.1.18_r1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD156C94-966C-4EF7-A386-DA5516B77DD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "37042CDE-E4FE-442E-891A-CD84433D36E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11F6E348-01DF-4FA4-808E-39A2A7A2B97B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_cvsup:16.1h_36.i586:*:*:*:*:*:*:*",
"matchCriteriaId": "C930F134-76A8-4628-8B2E-B06CAC1F32CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB279593-17D1-4A65-BF54-969B38B74B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80F5B731-D5A7-4694-9B27-CEE1DCC810EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D5DB7BE-FC71-4ADE-8B9F-7EA401C8CA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E2571E-D9EB-43CD-82DD-8C813FF8D5E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "36F4618C-1408-4097-B97D-5F32DE6D01DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5F558C40-D0DA-4700-95DA-DF1322C020E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "64F8F30B-E4B8-4745-AFFA-8FD620E61994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code."
}
],
"id": "CVE-2005-0373",
"lastModified": "2024-11-20T23:54:59.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-10-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxcompatible.org/print42495.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:054"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11347"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxcompatible.org/print42495.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of Cyrus SASL as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.",
"lastModified": "2006-08-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-07-27 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avaya | converged_communications_server | 2.0 | |
| redhat | fedora_core | core_1.0 | |
| redhat | fedora_core | core_2.0 | |
| trustix | secure_linux | 1.5 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| avaya | integrated_management | * | |
| php | php | 4.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| avaya | s8300 | r2.0.0 | |
| avaya | s8300 | r2.0.1 | |
| avaya | s8500 | r2.0.0 | |
| avaya | s8500 | r2.0.1 | |
| avaya | s8700 | r2.0.0 | |
| avaya | s8700 | r2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D12D6986-429E-4152-A6E5-4CC1FB9556D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities."
},
{
"lang": "es",
"value": "La funci\u00f3n strip_tags en PHP 4.x hasta 4.3.7, y 5.x hasta 5.0.0RC3, no filtra caract\u00e9res null() dentro de nombreres de etiquetas cuanto se restringe la entrada a etiquetas permitidas, lo que permite que etiquetas peligrosas sean procesadas por navegadores como Internet Explorer y Safari, que ignoran caract\u00e9res nulos y facilita la explotaci\u00f3n de vulnerabilidades de secuencias de comandos en sitios cruzados (XSS)."
}
],
"id": "CVE-2004-0595",
"lastModified": "2024-11-20T23:48:56.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-07-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10724"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108981780109154\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108982983426031\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109051444105182\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_21_php4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-392.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-395.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-405.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7.1 | |
| mozilla | mozilla | 1.7.2 | |
| mozilla | thunderbird | 0.7 | |
| mozilla | thunderbird | 0.7.1 | |
| mozilla | thunderbird | 0.7.2 | |
| mozilla | thunderbird | 0.7.3 | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_1.0 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 9.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message."
}
],
"id": "CVE-2004-0903",
"lastModified": "2024-11-20T23:49:38.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/414240"
},
{
"source": "cve@mitre.org",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11174"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/414240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-26 22:46
Modified
2024-11-21 00:39
Severity ?
Summary
buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_core | f7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:f7:*:*:*:*:*:*:*",
"matchCriteriaId": "C94FB2B2-DD3A-44B9-8123-15EE5522F675",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink attack on the (1) scan.pnm and (2) scan.jpg temporary files."
},
{
"lang": "es",
"value": "buttonpressed.sh de scanbuttond 0.2.3 permite a usuarios locales sobrescribir ficheros de su elecci\u00f3n mediante un ataque de enlaces simb\u00f3licos en los ficheros temporales (1) scan.pnm y (2) scan.jpg"
}
],
"id": "CVE-2007-6131",
"lastModified": "2024-11-21T00:39:25.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-26T22:46:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/42422"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27847"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1019007"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/26617"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/4024"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=383131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=383131"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-14 22:06
Modified
2024-11-21 00:06
Severity ?
Summary
dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of "," (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_core | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:1.0:*:directory_server:*:*:*:*:*",
"matchCriteriaId": "883A1946-9017-4FA7-9517-2D074E764B14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "dn2ancestor in the LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via a ModDN operation with a DN that contains a large number of \",\" (comma) characters, which results in a large amount of recursion, as demonstrated using the ProtoVer LDAP test suite."
}
],
"id": "CVE-2006-0452",
"lastModified": "2024-11-21T00:06:29.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-14T22:06:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179137"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18960"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/16677"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24796"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openpkg | openpkg | 2.1 | |
| openpkg | openpkg | 2.2 | |
| openpkg | openpkg | current | |
| squid | squid | 2.0_patch2 | |
| squid | squid | 2.1_patch2 | |
| squid | squid | 2.3_.stable4 | |
| squid | squid | 2.3_.stable5 | |
| squid | squid | 2.4 | |
| squid | squid | 2.4_.stable2 | |
| squid | squid | 2.4_.stable6 | |
| squid | squid | 2.4_.stable7 | |
| squid | squid | 2.5_.stable1 | |
| squid | squid | 2.5_.stable3 | |
| squid | squid | 2.5_.stable4 | |
| squid | squid | 2.5_.stable5 | |
| squid | squid | 2.5_.stable6 | |
| squid | squid | 3.0_pre1 | |
| squid | squid | 3.0_pre2 | |
| squid | squid | 3.0_pre3 | |
| gentoo | linux | * | |
| redhat | fedora_core | core_2.0 | |
| trustix | secure_linux | 1.5 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "37042CDE-E4FE-442E-891A-CD84433D36E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11F6E348-01DF-4FA4-808E-39A2A7A2B97B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
"matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.0_patch2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AA7680-E004-44AC-9AE9-C0186459C4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.1_patch2:*:*:*:*:*:*:*",
"matchCriteriaId": "05A4829D-4DC1-4CD2-B136-48719A254EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.3_.stable4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6BFB6A-0AFC-4E52-AD48-252E741B683B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.3_.stable5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9797A37-FD26-4527-B2FA-E458F7A88D9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "540AA8A9-A4AB-4DB2-B37E-11876348DF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.4_.stable2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F697BB-5C94-42CD-AD9E-72C3D3675D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.4_.stable6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE764CDC-1018-4502-8F41-8A48E38E7AAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.4_.stable7:*:*:*:*:*:*:*",
"matchCriteriaId": "6CBAAC5B-6012-410F-B765-689A8D55B095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.5_.stable1:*:*:*:*:*:*:*",
"matchCriteriaId": "62C66D46-D3C7-4FCC-B80D-EBA542E77C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.5_.stable3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B6C02F-D194-4CA7-9DEC-A436A4E8C99C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.5_.stable4:*:*:*:*:*:*:*",
"matchCriteriaId": "8B7D86CB-EEAD-4C40-855D-E98E4ED8B58F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.5_.stable5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F59C3E7-0AC0-4886-B4B4-56904AC93C55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:2.5_.stable6:*:*:*:*:*:*:*",
"matchCriteriaId": "5207FB50-946A-4AB2-AED9-9BA78B88F1F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:3.0_pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF89643B-169C-4ECD-B905-F4FE7F37030D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:3.0_pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "631B754D-1EB0-4A64-819A-5A24E7D0ADFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:squid:squid:3.0_pre3:*:*:*:*:*:*:*",
"matchCriteriaId": "95AB69CF-AD54-4D30-A9C5-4253855A760F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error."
}
],
"id": "CVE-2004-0918",
"lastModified": "2024-11-20T23:49:40.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
},
{
"source": "cve@mitre.org",
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30914"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30967"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11385"
},
{
"source": "cve@mitre.org",
"url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1969/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1969/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-04-22 04:00
Modified
2024-11-20 23:55
Severity ?
Summary
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | quanta | 3.1 | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| gentoo | linux | * | |
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| kde | kde | 3.4 | |
| redhat | fedora_core | core_3.0 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 5.04 | |
| ubuntu | ubuntu_linux | 5.04 | |
| ubuntu | ubuntu_linux | 5.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:quanta:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0716B886-DF42-4BB2-BE9F-423A4CBE5001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "442021C9-BE4D-4BC9-8114-8BEFA9EC1232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code."
}
],
"id": "CVE-2005-0754",
"lastModified": "2024-11-20T23:55:49.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-04-22T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15060"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.0-kdewebdev-kommander.diff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111419664411051\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20050420-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13313"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-14 22:06
Modified
2024-11-21 00:06
Severity ?
Summary
Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_core | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:1.0:*:directory_server:*:*:*:*:*",
"matchCriteriaId": "883A1946-9017-4FA7-9517-2D074E764B14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite."
}
],
"id": "CVE-2006-0451",
"lastModified": "2024-11-21T00:06:29.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-14T22:06:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18960"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/16677"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24794"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | |
| easy_software_products | cups | 1.0.4_8 | |
| easy_software_products | cups | 1.1.1 | |
| easy_software_products | cups | 1.1.4 | |
| easy_software_products | cups | 1.1.4_2 | |
| easy_software_products | cups | 1.1.4_3 | |
| easy_software_products | cups | 1.1.4_5 | |
| easy_software_products | cups | 1.1.6 | |
| easy_software_products | cups | 1.1.7 | |
| easy_software_products | cups | 1.1.10 | |
| easy_software_products | cups | 1.1.12 | |
| easy_software_products | cups | 1.1.13 | |
| easy_software_products | cups | 1.1.14 | |
| easy_software_products | cups | 1.1.15 | |
| easy_software_products | cups | 1.1.16 | |
| easy_software_products | cups | 1.1.17 | |
| easy_software_products | cups | 1.1.18 | |
| easy_software_products | cups | 1.1.19 | |
| easy_software_products | cups | 1.1.19_rc5 | |
| easy_software_products | cups | 1.1.20 | |
| easy_software_products | cups | 1.1.21 | |
| easy_software_products | cups | 1.1.22_rc1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2406EA53-15E7-4CFE-850B-D3CF3FA8560A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors."
}
],
"id": "CVE-2004-1268",
"lastModified": "2024-11-20T23:50:28.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18606"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/50-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times."
},
{
"lang": "es",
"value": "La funci\u00f3n smb_recv_trans2 en el sistema de ficheros samba (smbfs) en los kernel de Linux 2.4 y 2.6 no maneja adecuadamente el reensamblaje de paquetes fragmentados, lo que podr\u00eda permitir a servidores samba remotos:\r\n\r\nleer informaci\u00f3n del kernel de su elecci\u00f3n\r\naumentar un valor de un contador en un n\u00famero arbitrario enviando la primera parte del paquete fragmentado varias veces."
}
],
"id": "CVE-2004-0949",
"lastModified": "2024-11-20T23:49:45.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13232/"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2004/0061/"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18137"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10360"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-30-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13232/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2004/0061/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-30-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-03 23:07
Modified
2024-11-21 00:20
Severity ?
Summary
Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2422569B-02ED-4028-83D8-D778657596B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E66E4653-1A55-4827-888B-E0776E32ED28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6C8994CB-7F94-43FB-8B84-06AEBB34EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "02EED3D5-8F89-4B7F-A34B-52274B1A754F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5F87AA89-F377-4BEB-B69F-809F5DA6176C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C27AF62E-A026-43E9-89E6-CD807CE9DF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "79C2AE0E-DAE8-4443-B33F-6ABA9019AA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D343B121-C007-49F8-9DE8-AA05CE58FF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3A0370A2-0A23-4E34-A2AC-8D87D051B0B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5738D628-0B2D-4F56-9427-2009BFCB6C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "169446DE-67F8-4738-91FE-ED8058118F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "93F0834D-C5EA-4C96-8D6C-3123ECF78F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5D9F976B-1328-40FE-A1F2-C1DF3F836604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*",
"matchCriteriaId": "10E1B011-8D20-448E-9DD5-023DD30D1FE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*",
"matchCriteriaId": "2A29A4BC-0442-458E-A874-BF0D0F2870FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "04F25DE0-CA8E-4F57-87A5-C30D89CC9E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*",
"matchCriteriaId": "F87F764B-4097-44FA-B96E-A5DA75E31F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D7025803-C679-44DB-ADEE-864E6CAAD9B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*",
"matchCriteriaId": "24B879D6-4631-49A8-9366-75577DFB755D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
"matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF35478-B292-4A00-B985-CEEDE8B212C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "390B1E09-7014-4A74-834C-806BBEBAF6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FEF02479-2124-4655-A38D-A4793D3B8A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0FB5CF04-B5B6-4DFB-B051-61EDA257019F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFCEA98-C708-4E1E-B189-E6F96D28F07A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B753112-CCDE-4870-AA97-4AAA2946421A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79B3AFE7-F4FF-4144-9046-E5926E305A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7616E197-ACCA-4191-A513-FD48417C7F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ED1AA7FC-F5B9-406C-ABE4-0BE5E9889619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "34E60197-56C3-485C-9609-B1C4A0E0FCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1369C4A-EF3B-4805-9046-ADA38ED940C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86E452E4-45A9-4469-BF69-F40B6598F0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E51F0211-2D3E-4260-AD63-E83AE4EC4AF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*",
"matchCriteriaId": "747F1324-AEFA-496F-9447-12CD13114F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*",
"matchCriteriaId": "190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6B81A4DD-2ADE-4455-B517-5E4E0532D5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*",
"matchCriteriaId": "03FB31E5-190C-489A-AB30-910D2CC854F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*",
"matchCriteriaId": "073C3CE0-E12D-4545-8460-5A1514271D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*",
"matchCriteriaId": "83700989-8820-48DA-A9FE-6A77DF1E8439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E86E13B-EC92-47F3-94A9-DB515313011D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*",
"matchCriteriaId": "7EE30F34-EE81-4E1E-BF9F-A7A36B78B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DEB3068F-2F64-4BBC-BA3C-FB56A2FBED50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA5E262-7825-496F-AA72-0AD6DE6F3C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9E62F6FA-6C96-4AEE-8547-8C2FE1FAD998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3ACE7A-A600-4ABB-B988-5D59D626DC0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F839622-3DE1-4A16-8BD2-5FA2CBF014D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DC47887B-5608-47BE-85EE-563864461915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "809264F1-763D-4A8F-B206-222332DD8732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A66ED53E-3139-4972-B027-D614BFFB8628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*",
"matchCriteriaId": "85A3AB7A-1959-4A57-B83D-B2753C43649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FB7FA3-727D-4BB9-937C-F4F5DA97FFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4A60B265-5508-4EE0-980A-44BB0966FD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C06F0037-DE20-4B4A-977F-BFCFAB026517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D08CBC56-C820-4513-ABEC-1ABB3EFC3A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4ED4E9DD-DDAD-46A8-9AD2-9CAE406F7575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in squashfs module in the Linux kernel 2.6.x, as used in Fedora Core 5 and possibly other distributions, allows local users to cause a denial of service by mounting a crafted squashfs filesystem."
},
{
"lang": "es",
"value": "Vulnerabilidad doble-libre en m\u00f3dulo squashfs en el kernel de Linux 2.6.x, tal y como se usa en Fedora Core 5 y posiblemente otras distribuciones, permite a un usuario local provocar denegaci\u00f3n de servicio a trav\u00e9s del montado manipualado del sistema de ficheros."
}
],
"id": "CVE-2006-5701",
"lastModified": "2024-11-21T00:20:11.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-03T23:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://projects.info-pull.com/mokb/MOKB-02-11-2006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22655"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23361"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23384"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24259"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:047"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20870"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://projects.info-pull.com/mokb/MOKB-02-11-2006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29967"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not Vulnerable. The squashfs module is not distributed as part of Red Hat Enterprise Linux 2.1, 3, or 4. Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
| redhat | fedora_core | core_1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service."
},
{
"lang": "es",
"value": "Permisos inseguros en el fichero /proc/scsi/qla2300/HbaApiNode en Linux permite a usuarios locales causar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2004-0587",
"lastModified": "2024-11-20T23:48:55.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lwn.net/Articles/91155/"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010057"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10279"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lwn.net/Articles/91155/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| carnegie_mellon_university | cyrus_imap_server | 2.1.7 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.9 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.10 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.16 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.0_alpha | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.1_beta | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.2_beta | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.3 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.4 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.5 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.6 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.7 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.8 | |
| openpkg | openpkg | current | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| trustix | secure_linux | 2.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7077ABB3-CD11-4E1C-9E34-8EC94C1101F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC21C9C1-C8A2-4879-A604-E1192438A847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF89521-977F-425A-BC5B-9D6F2F778125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "22FC7757-3A91-4E49-92C4-603A403BF7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.0_alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "6D17A195-4E9E-49C8-878D-D64CB6DB175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.1_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "56A72779-D978-40E4-B2E6-BA7DB94B1FAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.2_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D1923E-96B6-46F6-8E30-3831CA047C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2BDC99-FA96-4520-9485-F091F0DD4F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7DA2ED-7300-4736-BE05-8B6DE2CD71C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA0C525-DC15-4C9E-BD7E-967BEF3AED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DD50BC1E-6793-44EE-B563-B1095BD710C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA911A6-2192-42F0-9E60-171B221241C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4475B5-443F-4ECD-B095-4D84F9D5F96D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
"matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command (\"body[p\") that is treated as a different command (\"body.peek\") and causes an index increment error that leads to an out-of-bounds memory corruption."
},
{
"lang": "es",
"value": "El procesador de argumentos de la orden PARTIAL de Cyrus IMAP Server 2.2.6 y anteriores permite a usuarios remotos autentificados ejecutar c\u00f3digo de su elecci\u00f3n mediante una cierta orden (\"body[p\") que es tratada como una orden distinta (\"body.peek\") y produce un error de incremento de \u00edndice que conduce a una corrupci\u00f3n de memoria fuera de l\u00edmites."
}
],
"id": "CVE-2004-1012",
"lastModified": "2024-11-20T23:49:54.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13274/"
},
{
"source": "cve@mitre.org",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-31-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13274/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdflib:pdf_library:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A70D7A-D552-49A4-9E6F-B014BF195D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wxgtk2:wxgtk2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6613FA38-E5C4-4BE8-8994-C00AB68A266B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wxgtk2:wxgtk2:2.5_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2814035-2888-43B9-B597-2CBF17C56FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls."
}
],
"id": "CVE-2004-0886",
"lastModified": "2024-11-20T23:49:36.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1011674"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1011674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-015.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/687568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2004/0054/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9907"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-14 22:06
Modified
2024-11-21 00:06
Severity ?
Summary
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_core | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:1.0:*:directory_server:*:*:*:*:*",
"matchCriteriaId": "883A1946-9017-4FA7-9517-2D074E764B14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain \"bad BER sequence\" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite."
}
],
"id": "CVE-2006-0453",
"lastModified": "2024-11-21T00:06:29.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-14T22:06:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18960"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/16677"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24795"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | |
| easy_software_products | cups | 1.0.4_8 | |
| easy_software_products | cups | 1.1.1 | |
| easy_software_products | cups | 1.1.4 | |
| easy_software_products | cups | 1.1.4_2 | |
| easy_software_products | cups | 1.1.4_3 | |
| easy_software_products | cups | 1.1.4_5 | |
| easy_software_products | cups | 1.1.6 | |
| easy_software_products | cups | 1.1.7 | |
| easy_software_products | cups | 1.1.10 | |
| easy_software_products | cups | 1.1.12 | |
| easy_software_products | cups | 1.1.13 | |
| easy_software_products | cups | 1.1.14 | |
| easy_software_products | cups | 1.1.15 | |
| easy_software_products | cups | 1.1.16 | |
| easy_software_products | cups | 1.1.17 | |
| easy_software_products | cups | 1.1.18 | |
| easy_software_products | cups | 1.1.19 | |
| easy_software_products | cups | 1.1.19_rc5 | |
| easy_software_products | cups | 1.1.20 | |
| easy_software_products | cups | 1.1.21 | |
| easy_software_products | cups | 1.1.22_rc1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2406EA53-15E7-4CFE-850B-D3CF3FA8560A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message."
}
],
"id": "CVE-2004-1270",
"lastModified": "2024-11-20T23:50:28.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18609"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/50-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
"matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
"matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
"matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
"matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
"matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
"matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
"matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
"matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
"matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
"matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
}
],
"id": "CVE-2005-3625",
"lastModified": "2024-11-21T00:02:16.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18908"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/236-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/236-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
"matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en la pila en la funci\u00f3n get_header de header.c de LHA 1.14 utilizado en productos como Barracuda Spam Firewall, permite a atacantes remotos o a usuarios locales ejecutar c\u00f3digo arbitrario mediante nombres de fichero o de directorio largos en un archivo LHA, lo que dispara el desbordamiento cuando se prueba o se extrae un fichero."
}
],
"id": "CVE-2004-0234",
"lastModified": "2024-11-20T23:48:03.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19514"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015866"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "cve@mitre.org",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5753"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5754"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| infoblox | dns_one_appliance | 2.3.1_r5 | |
| infoblox | dns_one_appliance | 2.4.0.8 | |
| infoblox | dns_one_appliance | 2.4.0.8a | |
| isc | dhcpd | 3.0.1 | |
| isc | dhcpd | 3.0.1 | |
| suse | suse_email_server | iii | |
| suse | suse_linux_admin-cd_for_firewall | * | |
| suse | suse_linux_connectivity_server | * | |
| suse | suse_linux_database_server | * | |
| suse | suse_linux_firewall_cd | * | |
| suse | suse_linux_office_server | * | |
| mandrakesoft | mandrake_linux | 9.0 | |
| mandrakesoft | mandrake_linux | 9.1 | |
| mandrakesoft | mandrake_linux | 9.1 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| redhat | fedora_core | core_2.0 | |
| suse | suse_linux | 7 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:infoblox:dns_one_appliance:2.3.1_r5:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAC3BDE-497E-41B1-9436-EB7B41FC24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2E2A23-2579-4AE3-85BE-645D1872F897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7371DD-6617-43B0-B503-46200857E203",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc12:*:*:*:*:*:*",
"matchCriteriaId": "BD76976F-8BE2-4A96-A785-FDE10B0E430A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc13:*:*:*:*:*:*",
"matchCriteriaId": "1A70E5CF-4B56-4201-A481-74A3FD6C4BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*",
"matchCriteriaId": "BD74DAB4-A68E-4748-BC43-2285FC9804D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52E04F16-A0C7-4B0C-A70E-2CA683E0C33B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "941DFF67-E9F6-41F0-A5CB-90105733327D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "117BBA08-9C1B-4CAC-A418-B044D69C27D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52F8C98F-E10C-4FE8-96E7-27426F369E78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDFB81-4DFE-416A-BCE1-ED96AC3E69B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7840155-DCF0-4C34-815B-71F872D31A20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la capacidad de registro de sucesos (logging) del demonio DHCP (DHCPD) de ISC DHCP 3.0.1rc12 y 3.01rc13 permite a atacantes remotos causar una denegaci\u00f3n de servi\u00f3n (ca\u00edda del servidor) y posiblemente ejecutar c\u00f3digo arbitrario mediante multiples opciones de nombre de m\u00e1quina (hostname) en mensajes (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, o (5) NAK, lo que puede generar una cadena larga cuando se escribe en un fichero de registro."
}
],
"id": "CVE-2004-0460",
"lastModified": "2024-11-20T23:48:38.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23265"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/317350"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10590"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/317350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16475"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| infoblox | dns_one_appliance | 2.3.1_r5 | |
| infoblox | dns_one_appliance | 2.4.0.8 | |
| infoblox | dns_one_appliance | 2.4.0.8a | |
| isc | dhcpd | 3.0.1 | |
| isc | dhcpd | 3.0.1 | |
| suse | suse_email_server | iii | |
| suse | suse_linux_admin-cd_for_firewall | * | |
| suse | suse_linux_connectivity_server | * | |
| suse | suse_linux_database_server | * | |
| suse | suse_linux_firewall_cd | * | |
| suse | suse_linux_office_server | * | |
| mandrakesoft | mandrake_linux | 9.0 | |
| mandrakesoft | mandrake_linux | 9.1 | |
| mandrakesoft | mandrake_linux | 9.1 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| redhat | fedora_core | core_2.0 | |
| suse | suse_linux | 7 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:infoblox:dns_one_appliance:2.3.1_r5:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAC3BDE-497E-41B1-9436-EB7B41FC24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2E2A23-2579-4AE3-85BE-645D1872F897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:infoblox:dns_one_appliance:2.4.0.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7371DD-6617-43B0-B503-46200857E203",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc12:*:*:*:*:*:*",
"matchCriteriaId": "BD76976F-8BE2-4A96-A785-FDE10B0E430A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:dhcpd:3.0.1:rc13:*:*:*:*:*:*",
"matchCriteriaId": "1A70E5CF-4B56-4201-A481-74A3FD6C4BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*",
"matchCriteriaId": "BD74DAB4-A68E-4748-BC43-2285FC9804D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52E04F16-A0C7-4B0C-A70E-2CA683E0C33B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "941DFF67-E9F6-41F0-A5CB-90105733327D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "117BBA08-9C1B-4CAC-A418-B044D69C27D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52F8C98F-E10C-4FE8-96E7-27426F369E78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDFB81-4DFE-416A-BCE1-ED96AC3E69B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7840155-DCF0-4C34-815B-71F872D31A20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code."
},
{
"lang": "es",
"value": "El demonio DHCP (DHCPD) de ISC DHCP 3.0.1rc12 y 3.0.1rc13, cuando se compila en entornos que no proveen la funci\u00f3n vsnprintf, usa ficheros de inclusi\u00f3n de C que definen vsnprintf usando la funci\u00f3n menos segura vsprintf, lo que puede ocasionar vulnerabilidades de desbordamiento de b\u00fafer que permitan una denegaci\u00f3n de servicio (ca\u00edda del servidor) y la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2004-0461",
"lastModified": "2024-11-20T23:48:38.247",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23265"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/654390"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10591"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108795911203342\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108843959502356\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108938625206063\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/654390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-174A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16476"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | kde | 3.2 | |
| kde | kde | 3.2.1 | |
| kde | kde | 3.2.2 | |
| kde | kde | 3.2.3 | |
| kde | kde | 3.3 | |
| kde | kde | 3.3.1 | |
| kde | kde | 3.3.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F7180B3-03AC-427C-8CAD-FE06F81C4FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user\u0027s .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares."
}
],
"id": "CVE-2004-1171",
"lastModified": "2024-11-20T23:50:16.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13477"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13486"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13560"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012471"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/12248"
},
{
"source": "cve@mitre.org",
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110178786809694\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110261063201488\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-051.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/305294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041209-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/12248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sec-consult.com/index.php?id=118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-20 10:19
Modified
2024-11-21 00:27
Severity ?
Summary
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 5.0 | |
| redhat | fedora_core | core_5.0 | |
| redhat | fedora_core | core6 | |
| xen | qemu | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "FE524195-06F1-4504-9223-07596588CC70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_multiple_os:*:*:*:*:*",
"matchCriteriaId": "AB55CA0F-06FB-4CED-BB2F-AB99C32062CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
"matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:virtualization:*:*:*:*:*",
"matchCriteriaId": "37E17F28-76A9-4F73-8F58-35390BDCE6EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*",
"matchCriteriaId": "E007512B-2A01-4915-82D1-EDDEE8ED3190",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xen:qemu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AC03235-6F95-414A-8C93-5215E801676E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del servidor VNC en QEMU, como es usada por Xen y posiblemente otros entornos, permite a usuarios locales de un sistema operativo invitado leer archivos arbitrarios en el sistema operativo host por medio de vectores no especificados relacionados con el modo de monitoreo de QEMU, como es demostrado al mapear archivos hacia un dispositivo CDROM. NOTA: algunos de estos detalles son obtenidos a partir de informaci\u00f3n de terceros."
}
],
"id": "CVE-2007-0998",
"lastModified": "2024-11-21T00:27:15.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-20T10:19:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://fedoranews.org/cms/node/2802"
},
{
"source": "secalert@redhat.com",
"url": "http://fedoranews.org/cms/node/2803"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/34304"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24575"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/22967"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1017764"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/cms/node/2803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10486"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-04-27 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| htdig | htdig | 3.1.5 | |
| htdig | htdig | 3.1.5_7 | |
| htdig | htdig | 3.1.5_8 | |
| htdig | htdig | 3.1.6 | |
| htdig | htdig | 3.2.0 | |
| htdig | htdig | 3.2.0b2 | |
| htdig | htdig | 3.2.0b3 | |
| htdig | htdig | 3.2.0b4 | |
| htdig | htdig | 3.2.0b5 | |
| htdig | htdig | 3.2.0b6 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| redhat | fedora_core | core_3.0 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:htdig:htdig:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1B424C-CCA5-41F5-A022-A57F31E5A8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.1.5_7:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED8D3ED-DC4B-4D4E-B0C3-61A5723C4EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.1.5_8:*:*:*:*:*:*:*",
"matchCriteriaId": "447995AE-E56D-4C78-9842-D0C380D5B36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8A8C9D-5667-42CB-8C6D-9FB6896E05C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04A77C93-4737-451F-95FA-529D706E5E8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.2.0b2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC385F4-2846-48F4-8BE1-403B9CE362AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.2.0b3:*:*:*:*:*:*:*",
"matchCriteriaId": "74EBEB9A-82D9-4B18-85F3-85A8C8CB3D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.2.0b4:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEF5A3E-91AF-4D19-887A-2629432B7873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.2.0b5:*:*:*:*:*:*:*",
"matchCriteriaId": "52B7F9FD-8F58-4ACF-9787-4EBF906C1623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:htdig:htdig:3.2.0b6:*:*:*:*:*:*:*",
"matchCriteriaId": "53C1D7AC-17E8-480C-B2B4-F76F13691494",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en ht://dig (htdig) anteriores a 3.1.6r7 permite a atacantes remotos ejecutar script web de su elecci\u00f3n o HTML mediante el par\u00e1metro config, que no es limpiado adecuamante antes de ser mostrado en le mensaje de error."
}
],
"id": "CVE-2005-0085",
"lastModified": "2024-11-20T23:54:22.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-04-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14255"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14276"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14303"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14795"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/15007"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17414"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17415"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013078"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-680"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12442"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/15007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. These issues did not affect the versions of htdig as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=144263",
"lastModified": "2006-08-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-07 20:19
Modified
2024-11-21 00:24
Severity ?
Summary
Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_core | core_5.0 | |
| gnu | libtool-ltdl | 1.5.22-2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:libtool-ltdl:1.5.22-2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E135ED81-1180-441B-9F60-36F606B99500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the libtool-ltdl library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 might allow local users to execute arbitrary code via a malicious library in the (1) hwcap, (2) 0, and (3) nosegneg subdirectories."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en la biblioteca libtool-ltdl (libltdl.so) 1.5.22-2.3 en Fedora Core 5 podr\u00eda permitir a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante una biblioteca maliciosa en los subdirectorios (1) hwcap, (2) 0, y (3) nosegneg."
}
],
"id": "CVE-2006-7151",
"lastModified": "2024-11-21T00:24:30.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-07T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2378"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/448153/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20434"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/448153/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209930"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | 0.8 | |
| mozilla | firefox | 0.9 | |
| mozilla | firefox | 0.9 | |
| mozilla | firefox | 0.9.1 | |
| mozilla | firefox | 0.9.2 | |
| mozilla | firefox | 0.9.3 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7.1 | |
| mozilla | mozilla | 1.7.2 | |
| mozilla | thunderbird | 0.6 | |
| mozilla | thunderbird | 0.7 | |
| mozilla | thunderbird | 0.7.1 | |
| mozilla | thunderbird | 0.7.2 | |
| mozilla | thunderbird | 0.7.3 | |
| netscape | navigator | 7.0 | |
| netscape | navigator | 7.0.2 | |
| netscape | navigator | 7.1 | |
| netscape | navigator | 7.2 | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_1.0 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 9.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
"matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2A68B4-9101-4AC5-9E82-EEB5A5405541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30A0231A-B664-46C2-9602-B60EAD6AEC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C632D06D-0172-46DA-A7F9-0BC484365BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1BC491-9C5A-46D5-B6C3-5A8E5A1A0AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "842CBD30-B4BA-4FCF-9152-9DBEBE59857C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows."
}
],
"id": "CVE-2004-0904",
"lastModified": "2024-11-20T23:49:38.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/847200"
},
{
"source": "cve@mitre.org",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11171"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/847200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
"matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
"matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
"matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
"matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
"matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
"matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
"matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
"matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
"matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
"matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
}
],
"id": "CVE-2005-3626",
"lastModified": "2024-11-21T00:02:17.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/236-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/236-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code."
},
{
"lang": "es",
"value": "El cargador binfmt_elf (binfmt_elf.c) del kernel de Linux 2.4.x hasta 2.4.27, y 2.6.x a 2.6.8 puede crear una cadena de nombre de int\u00e9rprete sin terminador nulo, lo que podr\u00eda causarf que cadenas m\u00e1s largas que PATH_MAX sean usadas, conduciendo a desbordamientos de b\u00fafer que permiten a usuarios locales causar una denegaci\u00f3n de servicio (cuelgue) y posiblemente ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2004-1072",
"lastModified": "2024-11-20T23:50:01.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19607"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-275.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-275.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
],
"id": "CVE-2004-0802",
"lastModified": "2024-11-20T23:49:26.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freeradius | freeradius | 0.2 | |
| freeradius | freeradius | 0.3 | |
| freeradius | freeradius | 0.4 | |
| freeradius | freeradius | 0.5 | |
| freeradius | freeradius | 0.8 | |
| freeradius | freeradius | 0.8.1 | |
| freeradius | freeradius | 0.9 | |
| freeradius | freeradius | 0.9.1 | |
| freeradius | freeradius | 0.9.2 | |
| freeradius | freeradius | 0.9.3 | |
| freeradius | freeradius | 1.0.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | fedora_core | core_2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes."
}
],
"id": "CVE-2004-0961",
"lastModified": "2024-11-20T23:49:46.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10024"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-14 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
"matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDAEAE6-BA9F-4D40-B264-4A72930239E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A76ACC55-754D-4501-8312-5A4E10D053B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8987151-0901-4547-B750-5DC470BB9CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "53E60BCC-6D1C-489E-9F3B-9BE42B46704F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66A87ED8-9E1F-4C2C-B806-A41765081C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C795D86F-9B08-41FE-B82B-5BBB3DE6357D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "2637D552-4A3D-4867-B52A-ACCED8681AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC237C8-CFE0-4128-B549-93CD16894E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:*",
"matchCriteriaId": "6B8EA79A-8426-44CF-AF13-58F7EF8B6D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "367A5D46-0FF3-4140-9478-251363822E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA58EE9-05C7-4395-A8A4-5F54BE4C5DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DE4889-424F-4A44-8C14-9F18821CE961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3F91A1-7DD9-4146-8BA4-BE594C66DD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "1003D688-3EEA-45F9-BB2C-5BAB395D7678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED69BEB9-8D83-415B-826D-9D17FB67976B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE678D7-812D-4C55-91B0-F3AC6BE0CD58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BCDB64E5-AE26-43DF-8A66-654D5D22A635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF63077-4E98-497D-8CE6-B84B022DB21D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30A0231A-B664-46C2-9602-B60EAD6AEC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C632D06D-0172-46DA-A7F9-0BC484365BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1BC491-9C5A-46D5-B6C3-5A8E5A1A0AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "842CBD30-B4BA-4FCF-9152-9DBEBE59857C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain."
}
],
"id": "CVE-2004-0905",
"lastModified": "2024-11-20T23:49:38.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2004-09-14T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/651928"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11177"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/651928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality."
},
{
"lang": "es",
"value": "La funci\u00f3n open_exec en la funcionalidad execve (exec.c) en el kernel de Linux 2.4.x hasta 2.3.27, y 2.6.x hasta 2.6.8, permite a usuarios locales leer binarios ELF no legibles usando la funcionalidad de int\u00e9rprete (PT_INTERP).."
}
],
"id": "CVE-2004-1073",
"lastModified": "2024-11-20T23:50:01.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18684"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11503"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2024-11-20 23:50
Severity ?
Summary
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D073442B-D7E7-4E07-AF2D-E22FE65B09A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E942E0E7-0808-479C-B061-66119EBA12E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8710:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68B1272B-8B71-4D2D-A5E4-0E7828500C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8710:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C7B9C0-91A2-4529-B879-60DE043E719C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E25F5CF2-F891-41CA-A40C-13966F72FDF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7417958C-5321-41D6-9D1A-D16BF5511E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0AFD594E-48BA-4281-8DEE-306E3008ABB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
"matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n manipulando el descriptor WMA."
}
],
"id": "CVE-2004-1235",
"lastModified": "2024-11-20T23:50:25.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-04-14T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"source": "cve@mitre.org",
"url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/7804"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/7805"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/7806"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12190"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/7804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/7805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/7806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_core | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:1.0:*:directory_server:*:*:*:*:*",
"matchCriteriaId": "883A1946-9017-4FA7-9517-2D074E764B14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders \"allow\" directives before \"deny\" directives."
}
],
"id": "CVE-2005-3630",
"lastModified": "2024-11-21T00:02:17.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://directory.fedora.redhat.com/wiki/FDS10Announcement"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18939"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16729"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://directory.fedora.redhat.com/wiki/FDS10Announcement"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=121994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F681E4CC-B8D3-48A2-B93E-0363B22B059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76D03B96-8FF3-4FC6-BC38-288F3ADBA9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF2248C-5A71-49FC-88F4-2D1F376155FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A4FD10B2-ED2D-4F55-8F0E-77429C8A716E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F15704-2F2B-4536-A2A0-510B5CE91D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AF43FA-9947-4F26-96E8-1D77BF909AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A46D8D-1535-400B-B1CD-AA2685F4164D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB46ABA-F403-4715-915D-870BD221C8FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD51F01-B47A-47F5-8798-2EB53EB17297",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C127A2E6-F94F-41D5-82AA-60C0190186BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "61291A4C-28A3-433B-80D2-005976851882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65AC9643-E1A5-4013-9607-17C6CC7CC63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "090E2541-2DBA-41CB-A792-9E703C797949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "19F65FF3-71F8-4278-A823-A6E0FF65D9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C71CB60-2689-4A4A-9509-E2F3135E6491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0129E404-3AE8-4F0E-89CB-7F2FA5B47011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "614547F5-9C3F-489B-9B72-91B0FF646CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A052141C-874D-4ED0-99FB-D7468FACFC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9739EA65-9FA8-425E-B355-E690773D5B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3B618F94-DAC2-4A97-9F7F-8BCEA3199769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE7C057-B024-4417-B572-5D396366620E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "34DC3500-F8F0-46E1-B0AA-C2474CCB3DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCD334C-FB95-41A6-8F4C-FCC4E70CE930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "75C86202-3150-440C-B048-BB039E9D3606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98CAF474-0C3A-4E49-8CF8-9DF14D84CDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C92304DE-CFBB-4C03-AA7F-54DB3C14ECF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "04F39AA5-9048-4EE9-B0F2-CE679C673F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2AE5A9-62C5-4DCE-85B3-16F48695B3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F84FB25B-5EA5-48DC-B528-E8CCF714C919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "216145B7-4716-42F7-90DC-03884ECB2271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "898968E5-577E-4B86-A804-EBEC67157A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "920EF846-41D1-429D-AF0F-3D7950F93069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8016DC4F-F410-4401-BDCC-91BE0D44D028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC94A2CF-85DF-4BB5-8F78-470A3454C3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "632D2489-3B5E-466E-A6DF-1EF00303869B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC116E5-B739-4E18-AA51-FFF59EBCA08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEA3806-E33A-49A6-99A4-095B4E543C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7D08FB-30B9-4E42-B831-21A0C095062C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow."
}
],
"id": "CVE-2004-1154",
"lastModified": "2024-11-20T23:50:13.967",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13453/"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2005/dsa-701"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=165\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226184"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_45_samba.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-020.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.samba.org/samba/security/CAN-2004-1154.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11973"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18519"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13453/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=165\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_45_samba.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.samba.org/samba/security/CAN-2004-1154.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
],
"id": "CVE-2004-0817",
"lastModified": "2024-11-20T23:49:29.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2024-11-20 23:48
Severity ?
Summary
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory."
}
],
"id": "CVE-2004-0415",
"lastModified": "2024-11-20T23:48:32.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000879"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:087"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16877"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200408-24.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9965"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-07 05:00
Modified
2024-11-20 23:54
Severity ?
Summary
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| larry_wall | perl | 5.8.0 | |
| larry_wall | perl | 5.8.1 | |
| larry_wall | perl | 5.8.3 | |
| larry_wall | perl | 5.8.4 | |
| larry_wall | perl | 5.8.4.1 | |
| larry_wall | perl | 5.8.4.2 | |
| larry_wall | perl | 5.8.4.2.3 | |
| larry_wall | perl | 5.8.4.3 | |
| larry_wall | perl | 5.8.4.4 | |
| larry_wall | perl | 5.8.4.5 | |
| sgi | propack | 3.0 | |
| ibm | aix | 5.2 | |
| ibm | aix | 5.3 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_3.0 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| trustix | secure_linux | 1.5 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| trustix | secure_linux | 2.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D30E072-9E6A-49B4-A5C7-63A328598A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "434F0580-985F-42AF-BA10-FAB7E2C23ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "18B179E0-C843-46C9-AAD2-78E998175E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E5A51-ED4C-4927-8C4D-502E79391E19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "171C82CB-2E92-4D41-B1B1-DCFE929E8270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "25633253-D9DE-41F0-A787-D0E8B2B3B9F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AEDF9611-E4E2-4059-B45E-D3A61AC9DB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49A9D197-D889-4BE4-BE7A-2EE9536A7498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A4538C-3870-431E-A225-D8523D77A4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C8233B3A-E09D-425B-B1A1-65CD170FD384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree."
}
],
"id": "CVE-2005-0156",
"lastModified": "2024-11-20T23:54:32.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-07T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056"
},
{
"source": "cve@mitre.org",
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14120"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/55314"
},
{
"source": "cve@mitre.org",
"url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-103.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-105.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12426"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/updates/FEDORA--.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/55314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-103.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freeradius | freeradius | 0.2 | |
| freeradius | freeradius | 0.3 | |
| freeradius | freeradius | 0.4 | |
| freeradius | freeradius | 0.5 | |
| freeradius | freeradius | 0.8 | |
| freeradius | freeradius | 0.8.1 | |
| freeradius | freeradius | 0.9 | |
| freeradius | freeradius | 0.9.1 | |
| freeradius | freeradius | 0.9.2 | |
| freeradius | freeradius | 0.9.3 | |
| freeradius | freeradius | 1.0.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | fedora_core | core_2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEDD86F-92B9-43EC-80E3-54010E249FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDB110B-4057-4BA4-993A-9DA14888A093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "52C8708B-4D1A-48A7-87DF-DF4B53E66D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0369C1A6-A0FE-4BF8-89F5-5ED384565DAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1638CC08-8886-4863-8532-883A8616592F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E4FD4F2-0449-4562-ABF2-927206CB77DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "636F3F00-97A5-4497-A6A9-722AFC5BD689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EECDFCD7-0189-4C59-842D-C5F9064033A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3EC2A3-5FB6-4D39-B1EA-C8E17AF1F0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD634946-ED9B-47EB-8D0F-88EA6057D17C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freeradius:freeradius:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49152208-4DBD-4AF7-BCB3-3D56650899F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument."
}
],
"id": "CVE-2004-0960",
"lastModified": "2024-11-20T23:49:46.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200409-29.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/541574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11023"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-06-10 04:00
Modified
2024-11-20 23:56
Severity ?
Summary
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lbl | tcpdump | 3.4 | |
| lbl | tcpdump | 3.4a6 | |
| lbl | tcpdump | 3.5 | |
| lbl | tcpdump | 3.5.2 | |
| lbl | tcpdump | 3.5_alpha | |
| lbl | tcpdump | 3.6.2 | |
| lbl | tcpdump | 3.6.3 | |
| lbl | tcpdump | 3.7 | |
| lbl | tcpdump | 3.7.1 | |
| lbl | tcpdump | 3.7.2 | |
| lbl | tcpdump | 3.8.1 | |
| lbl | tcpdump | 3.8.2 | |
| lbl | tcpdump | 3.8.3 | |
| lbl | tcpdump | 3.9 | |
| lbl | tcpdump | 3.9.1 | |
| gentoo | linux | * | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.2 | |
| mandrakesoft | mandrake_linux | 10.2 | |
| redhat | fedora_core | core_3.0 | |
| redhat | fedora_core | core_4.0 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| trustix | secure_linux | 2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B50919-7C67-416D-BA2F-50747CDBE08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.4a6:*:*:*:*:*:*:*",
"matchCriteriaId": "950C6522-3C7F-4E81-8952-246FFE1072C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A6CC000D-857D-4E12-82E6-7F8168B463EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45BACEA9-8C28-4DB6-96F7-D91B06C8EEF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.5_alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "45083B9F-95CC-4EB7-9591-2146084CBBC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3214AA7-1EB2-4EC8-96AA-2A9985A5EB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3985632-2246-499E-9F9B-5A416D3AB4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FD63F004-83A9-4CB3-A26D-E82589ED7FE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF65E89-04B7-49F2-ADCE-0BD0A313949E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B76F042D-6D75-4BD3-8530-ED9E760B94A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB530211-6557-4E90-B659-0AC633DEDF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "836F7F79-8ADD-4A4F-BE45-0237206DD055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C1376C-68BC-4EBB-9B94-0E65728983A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C793D15A-646A-477F-A91A-945D5148A9D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lbl:tcpdump:3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB08C13-4146-461A-A35E-D450AAB195E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "F1D16230-3699-4AAA-9CAE-5CAF34628885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet."
}
],
"id": "CVE-2005-1267",
"lastModified": "2024-11-20T23:56:57.833",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-06-10T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15634/"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/17118"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-854"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-505.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/430292/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/13906"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.org/errata/2005/0028/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15634/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/430292/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.org/errata/2005/0028/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "82B7EED3-88ED-4959-9B0D-4593F82B482C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "9651929E-7E3D-4967-B4EC-BC1D87386A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B03A2FFF-D736-436F-AB01-952C90CC88A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "686E6850-2FFB-4A83-9BBB-9C4FB456294E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7077ABB3-CD11-4E1C-9E34-8EC94C1101F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC21C9C1-C8A2-4879-A604-E1192438A847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF89521-977F-425A-BC5B-9D6F2F778125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "22FC7757-3A91-4E49-92C4-603A403BF7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.0_alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "6D17A195-4E9E-49C8-878D-D64CB6DB175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.1_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "56A72779-D978-40E4-B2E6-BA7DB94B1FAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.2_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D1923E-96B6-46F6-8E30-3831CA047C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2BDC99-FA96-4520-9485-F091F0DD4F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7DA2ED-7300-4736-BE05-8B6DE2CD71C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA0C525-DC15-4C9E-BD7E-967BEF3AED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DD50BC1E-6793-44EE-B563-B1095BD710C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA911A6-2192-42F0-9E60-171B221241C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4475B5-443F-4ECD-B095-4D84F9D5F96D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "941DD616-2910-4B61-89E5-5DDAE8E930A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username."
},
{
"lang": "es",
"value": "Error de fuera-por-uno en la funci\u00f3n myasl_canon_user en Cyrus IMAP Server 2.2.9 y anteriores conduce a un desbordamiento de b\u00fafer, lo que puede permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante el nombre de usuario."
}
],
"id": "CVE-2004-1067",
"lastModified": "2024-11-20T23:50:00.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11738"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-37-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-37-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| carnegie_mellon_university | cyrus_imap_server | 2.1.7 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.9 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.10 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.16 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.0_alpha | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.1_beta | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.2_beta | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.3 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.4 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.5 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.6 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.7 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.8 | |
| openpkg | openpkg | current | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| trustix | secure_linux | 2.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7077ABB3-CD11-4E1C-9E34-8EC94C1101F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC21C9C1-C8A2-4879-A604-E1192438A847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF89521-977F-425A-BC5B-9D6F2F778125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "22FC7757-3A91-4E49-92C4-603A403BF7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.0_alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "6D17A195-4E9E-49C8-878D-D64CB6DB175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.1_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "56A72779-D978-40E4-B2E6-BA7DB94B1FAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.2_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D1923E-96B6-46F6-8E30-3831CA047C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2BDC99-FA96-4520-9485-F091F0DD4F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7DA2ED-7300-4736-BE05-8B6DE2CD71C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA0C525-DC15-4C9E-BD7E-967BEF3AED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DD50BC1E-6793-44EE-B563-B1095BD710C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA911A6-2192-42F0-9E60-171B221241C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4475B5-443F-4ECD-B095-4D84F9D5F96D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
"matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015."
},
{
"lang": "es",
"value": "Desbordamiento basado en la pila en Cyrus IMAP Server 2.2.4 a 2.2.8, con la opci\u00f3n imapmagicplus establecida, permite a atacantes remotos ejecuta c\u00f3digo de su elecci\u00f3n mediante un comando PROXY o LOGIN largo, una vulnerabilidad distinta de CAN-2004-1015."
}
],
"id": "CVE-2004-1011",
"lastModified": "2024-11-20T23:49:54.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13274/"
},
{
"source": "cve@mitre.org",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13274/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18198"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-03-21 02:06
Modified
2024-11-21 00:07
Severity ?
Summary
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| x.org | x11r6 | 6.9 | |
| x.org | x11r7 | 1.0 | |
| x.org | x11r7 | 1.0.1 | |
| mandrakesoft | mandrake_linux | 2006 | |
| mandrakesoft | mandrake_linux | 2006 | |
| redhat | fedora_core | core_5.0 | |
| sun | solaris | 10.0 | |
| suse | suse_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3F9809AF-75A2-4E08-9E41-EE9DB960E789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r7:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D02D3FA8-EDCD-4A3C-81CF-FC09633270DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r7:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D35005-EEB1-4FA1-95B5-EFF2ABC31AD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "07EC6C5A-33C9-456A-A8C9-0DF67C76041E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile."
}
],
"id": "CVE-2006-0745",
"lastModified": "2024-11-21T00:07:14.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-03-21T02:06:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19256"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19307"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19311"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19316"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19676"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/606"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1015793"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:056"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2006_16_xorgx11server.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/24000"
},
{
"source": "secalert@redhat.com",
"url": "http://www.osvdb.org/24001"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00026.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/428183/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/428230/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/17169"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/1017"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/1028"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25341"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102252-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_16_xorgx11server.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/24001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/428183/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/428230/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/17169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1697"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code."
},
{
"lang": "es",
"value": "El cargador binfmt_elf (binfmt_elf.c) del kernel de Linux 2.4x a 2.4.27, y 2.6.x a 2.6.8 no verifica adecuadamente los valores de retorno de llamadas a la funci\u00f3n kernel_read, lo que puede permitir a usuarios locales modificar informaci\u00f3n sensible en un programa setuid y ejecutar c\u00f3digo de su elecci\u00f3n."
}
],
"id": "CVE-2004-1070",
"lastModified": "2024-11-20T23:50:01.417",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19607"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9450"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
"matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
"matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889."
}
],
"id": "CVE-2004-0888",
"lastModified": "2024-11-20T23:49:36.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-9-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110815379627883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:116"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-543.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-592.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-9-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-15 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function."
}
],
"id": "CVE-2004-1335",
"lastModified": "2024-11-20T23:50:37.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory",
"URL Repurposed"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory",
"URL Repurposed"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-07 05:00
Modified
2024-11-20 23:55
Severity ?
Summary
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sylpheed | sylpheed | 0.8.11 | |
| sylpheed | sylpheed | 0.9.4 | |
| sylpheed | sylpheed | 0.9.5 | |
| sylpheed | sylpheed | 0.9.6 | |
| sylpheed | sylpheed | 0.9.7 | |
| sylpheed | sylpheed | 0.9.8 | |
| sylpheed | sylpheed | 0.9.9 | |
| sylpheed | sylpheed | 0.9.10 | |
| sylpheed | sylpheed | 0.9.11 | |
| sylpheed | sylpheed | 0.9.12 | |
| sylpheed | sylpheed | 0.9.99 | |
| sylpheed | sylpheed | 1.0.0 | |
| sylpheed | sylpheed | 1.0.1 | |
| sylpheed | sylpheed | 1.0.2 | |
| sylpheed-claws | sylpheed-claws | 1.0.2 | |
| altlinux | alt_linux | 2.3 | |
| altlinux | alt_linux | 2.3 | |
| gentoo | linux | * | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | fedora_core | core_3.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6E7919D2-ACA7-4BFF-8D86-C63F76C09B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4DAAF875-EBB8-4B6C-99CD-503AFAD5633B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "61E0580E-1F1C-4FF1-80AB-4151CFF6C880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "48AA3783-5007-4869-A699-36E1888C16F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "49731BBA-CC20-4DA2-9A0B-50E4F3CC0A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "49389889-7C64-42FA-A212-6B892C011441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3818AFD5-5667-490A-A6F6-7DC525D56DCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0559156E-5339-4344-AE50-ECB5604E9A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F67B0E-24D6-4B37-93B0-177A1F4D7102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CE43A4BB-E5FC-41CF-A4F7-A83FBB3AFD61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:0.9.99:*:*:*:*:*:*:*",
"matchCriteriaId": "4560B68F-9247-4057-802F-D15AFDFA10A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E81DE243-D5C4-4EF3-B29D-7BBACE42F5F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "30CA4A62-79A8-4739-A76E-3DA3688C107C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed:sylpheed:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDA2A6C-76B4-4323-9AD3-8C30A9013EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sylpheed-claws:sylpheed-claws:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB139F9D-F308-40B2-9ECA-435216309D3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*",
"matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*",
"matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message."
}
],
"id": "CVE-2005-0667",
"lastModified": "2024-11-20T23:55:39.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-03-07T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14491"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013376"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sylpheed.good-day.net/changelog-devel.html.en"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sylpheed.good-day.net/changelog.html.en"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-26.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-303.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sylpheed.good-day.net/changelog-devel.html.en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sylpheed.good-day.net/changelog.html.en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-26.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-303.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-15 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow."
}
],
"id": "CVE-2004-1334",
"lastModified": "2024-11-20T23:50:37.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory",
"URL Repurposed"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory",
"URL Repurposed"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sox | sox | 12.17.2 | |
| sox | sox | 12.17.3 | |
| sox | sox | 12.17.4 | |
| conectiva | linux | 8.0 | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| gentoo | linux | 1.4 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_1.0 | |
| redhat | fedora_core | core_2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sox:sox:12.17.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D8C8486-8397-4B6E-967F-B2AD831B0628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sox:sox:12.17.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D47BE660-68EE-44CD-9F30-5D7CA16795D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sox:sox:12.17.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C2015121-6291-4BB4-AE99-08222A5346F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD14661C-E3BE-44DF-BC8D-294322BF23EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Sound eXchange (SoX) anteriores a 12.17 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ciertos campos de cabecera de ficheros WAV."
}
],
"id": "CVE-2004-0557",
"lastModified": "2024-11-20T23:48:51.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000855"
},
{
"source": "cve@mitre.org",
"url": "http://lwn.net/Articles/95529/"
},
{
"source": "cve@mitre.org",
"url": "http://lwn.net/Articles/95530/"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2004/Jul/1227.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12175"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-565"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:076"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-409.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10819"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1945"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16827"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lwn.net/Articles/95529/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lwn.net/Articles/95530/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2004/Jul/1227.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-409.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9801"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
"matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
"matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888."
}
],
"id": "CVE-2004-0889",
"lastModified": "2024-11-20T23:49:37.087",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109880927526773\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17819"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lesstif | lesstif | 0.93 | |
| lesstif | lesstif | 0.93.12 | |
| lesstif | lesstif | 0.93.18 | |
| lesstif | lesstif | 0.93.34 | |
| lesstif | lesstif | 0.93.36 | |
| lesstif | lesstif | 0.93.40 | |
| lesstif | lesstif | 0.93.91 | |
| lesstif | lesstif | 0.93.94 | |
| lesstif | lesstif | 0.93.96 | |
| x.org | x11r6 | 6.7.0 | |
| x.org | x11r6 | 6.8 | |
| x.org | x11r6 | 6.8.1 | |
| xfree86_project | x11r6 | 3.3 | |
| xfree86_project | x11r6 | 3.3.2 | |
| xfree86_project | x11r6 | 3.3.3 | |
| xfree86_project | x11r6 | 3.3.4 | |
| xfree86_project | x11r6 | 3.3.5 | |
| xfree86_project | x11r6 | 3.3.6 | |
| xfree86_project | x11r6 | 4.0 | |
| xfree86_project | x11r6 | 4.0.1 | |
| xfree86_project | x11r6 | 4.0.2.11 | |
| xfree86_project | x11r6 | 4.0.3 | |
| xfree86_project | x11r6 | 4.1.0 | |
| xfree86_project | x11r6 | 4.1.11 | |
| xfree86_project | x11r6 | 4.1.12 | |
| xfree86_project | x11r6 | 4.2.0 | |
| xfree86_project | x11r6 | 4.2.1 | |
| xfree86_project | x11r6 | 4.2.1 | |
| xfree86_project | x11r6 | 4.3.0 | |
| gentoo | linux | * | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "AC8ECE7C-01E7-42C2-B8D0-20A3F0FF6202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B420D2-2684-4956-9AB2-36A2337F08F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.18:*:*:*:*:*:*:*",
"matchCriteriaId": "617462F8-47C2-418D-ABC3-B72509A65D58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.34:*:*:*:*:*:*:*",
"matchCriteriaId": "184385E0-A3A7-4877-BC7B-0AAC48FA197A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.36:*:*:*:*:*:*:*",
"matchCriteriaId": "069774CF-5CD4-4787-A066-5C9054FDCED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.40:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3BF142-D7F7-491D-9175-DC61889237DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.91:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1FC296-553B-460E-88FD-86C530086382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*",
"matchCriteriaId": "63A4B331-2868-46E3-9734-DC3AEFD2F756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lesstif:lesstif:0.93.96:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCCBDBC-FBBD-414E-A4D8-D3C4220E8A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76FFBC43-2178-48DF-B61E-CCBA4682AC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8F506308-E878-4AA5-B5D5-A7E148D63947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D129D08C-AF18-4F9D-9781-64B8C1CFD65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE887A26-0590-40DE-ACE2-28A30E5228AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23FF2D1C-D328-49BE-87CF-938FB533180B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BEECB0ED-A5C9-4675-9CEB-AD6C19EDA7D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B43D5F86-97B2-4175-8ED7-1F937850F9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0946A224-6A0C-4DE3-89F9-200682431737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F33E5444-E178-4F49-BDA1-DE576D8526EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BCC09AA-AB01-4583-8052-66DBF0E1861D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0E49FAA6-E146-4AD5-845E-9445C7D9F088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "43425C85-806B-4823-AD74-D0A0465FC8DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90FA67D9-8296-4534-8354-51B830DE3499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8A000C67-7EA3-47A7-9068-1C8744C182D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "25EDDB93-DD20-4DBE-962B-6334D5A7CB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC4F566-5D54-4364-B5AA-F846A0C8FCEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9D1BD9-4300-43B5-A87B-E2BF74E55C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*",
"matchCriteriaId": "F4B7E143-E24B-40D2-897B-6D516566B7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "837EBF15-6C7D-46B8-8A90-9DFBF2C09FF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE\u0027s content decisions."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en libXpm 6.8.1 y anteriores, usada en XFree86 y otros paquetes, incluyendo\r\n(1) m\u00faltiples desbordamientos de enteros,\r\n(2) accesos de memoria fuera de l\u00edmites,\r\n(3) atravesamiento de directorios,\r\n(4) metacaract\u00e9res de shell,\r\n(5) bucles infinitos, y\r\n(6) filtraciones de memoria\r\npodr\u00edan permitir a atacantes remotos obtener informaci\u00f3n sensible, causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o ejecutar c\u00f3digo de su elecci\u00f3n mediante un cierto fichero de imagen XPM."
}
],
"id": "CVE-2004-0914",
"lastModified": "2024-11-20T23:49:40.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2004-537.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13224/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-607"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.linuxsecurity.com/content/view/106877/102/"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:137"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-610.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11694"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-83-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-83-2"
},
{
"source": "cve@mitre.org",
"url": "http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch"
},
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18142"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18144"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18145"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18146"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18147"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2004-537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13224/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linuxsecurity.com/content/view/106877/102/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-610.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-83-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-83-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.x.org/pub/X11R6.8.1/patches/README.xorg-681-CAN-2004-0914.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9943"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-01 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xmlsoft | libxml | 1.8.17 | |
| xmlsoft | libxml2 | 2.5.11 | |
| xmlsoft | libxml2 | 2.6.6 | |
| xmlsoft | libxml2 | 2.6.7 | |
| xmlsoft | libxml2 | 2.6.8 | |
| xmlsoft | libxml2 | 2.6.9 | |
| xmlsoft | libxml2 | 2.6.11 | |
| xmlsoft | libxml2 | 2.6.12 | |
| xmlsoft | libxml2 | 2.6.13 | |
| xmlsoft | libxml2 | 2.6.14 | |
| xmlstarlet | command_line_xml_toolkit | 0.9.1 | |
| redhat | fedora_core | core_2.0 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C0B552-67E9-48E5-ABFB-AF0CD6DA46FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F8E361-E6D3-4666-B18D-928D550FD5D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8BEC58-AB2A-4953-A2E8-338EB894A494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ABDE6C9A-4F24-42B4-8AA3-3EBC97190322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "44FB2813-BE9F-46A8-864B-435D883CA0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F9DF1336-F831-4507-B45E-574BDE8AA8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "33268B2F-3591-48D9-B123-92E3ABF157F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0830367A-9FB3-4291-88C0-38A471DFD22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "73E4EB1B-2E8B-4504-AB05-F4D4E6B038E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B5815E25-5305-4A32-81B3-89DB1D5C1AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xmlstarlet:command_line_xml_toolkit:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF12410-9F1E-452C-BAA6-22E73A9FA75C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost."
}
],
"id": "CVE-2004-0989",
"lastModified": "2024-11-20T23:49:50.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000890"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109880813013482\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13000"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1011941"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-029.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-582"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/11179"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/11180"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/11324"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-615.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-650.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11526"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17870"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17872"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17875"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17876"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10505"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1173"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-89-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109880813013482\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1011941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-029.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/11179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/11180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/11324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-615.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-650.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-89-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
"matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
"matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
"matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
"matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
"matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
"matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
"matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
"matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
"matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
"matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
}
],
"id": "CVE-2005-3624",
"lastModified": "2024-11-21T00:02:16.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18334"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18913"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/236-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/236-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-15 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow."
}
],
"id": "CVE-2004-1333",
"lastModified": "2024-11-20T23:50:37.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17826"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"source": "cve@mitre.org",
"tags": [
"URL Repurposed"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/47-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"URL Repurposed"
],
"url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/47-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 01:19
Modified
2024-11-21 00:28
Severity ?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFADBA5A-8168-40B8-B5CA-0F1F7F9193D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*",
"matchCriteriaId": "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client_workstation:*:*:*:*:*",
"matchCriteriaId": "50988CF6-07E5-44BA-81C2-C33DD8E7151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia32:*:*:*:*:*",
"matchCriteriaId": "49F400D5-4CA7-4F7D-818B-DEBF58DEB113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "EF15862D-6108-4791-8817-622123C8D10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
"matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
"matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
"matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante una primera l\u00ednea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de mont\u00f3n."
}
],
"evaluatorSolution": "The vendor has addressed this vulnerability in the following product update: http://xorg.freedesktop.org/archive/X11R7.2/patches/",
"id": "CVE-2007-1352",
"lastModified": "2024-11-21T00:28:05.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T01:19:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "secalert@redhat.com",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24756"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| carnegie_mellon_university | cyrus_imap_server | 2.1.7 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.9 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.10 | |
| carnegie_mellon_university | cyrus_imap_server | 2.1.16 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.0_alpha | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.1_beta | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.2_beta | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.3 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.4 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.5 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.6 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.7 | |
| carnegie_mellon_university | cyrus_imap_server | 2.2.8 | |
| openpkg | openpkg | current | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| trustix | secure_linux | 2.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7077ABB3-CD11-4E1C-9E34-8EC94C1101F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC21C9C1-C8A2-4879-A604-E1192438A847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF89521-977F-425A-BC5B-9D6F2F778125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "22FC7757-3A91-4E49-92C4-603A403BF7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.0_alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "6D17A195-4E9E-49C8-878D-D64CB6DB175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.1_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "56A72779-D978-40E4-B2E6-BA7DB94B1FAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.2_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D1923E-96B6-46F6-8E30-3831CA047C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2BDC99-FA96-4520-9485-F091F0DD4F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7DA2ED-7300-4736-BE05-8B6DE2CD71C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA0C525-DC15-4C9E-BD7E-967BEF3AED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DD50BC1E-6793-44EE-B563-B1095BD710C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA911A6-2192-42F0-9E60-171B221241C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4475B5-443F-4ECD-B095-4D84F9D5F96D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
"matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) \"body[p\", (2) \"binary[p\", or (3) \"binary[p\") that cause an index increment error that leads to an out-of-bounds memory corruption."
},
{
"lang": "es",
"value": "El procesador de argumentos de la orden FETCH de Cyrus IMAP Server 2.2.x a 2.2.8 permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante ciertos comandos como (1) \"body[p\", (2) \"binary[p\", o (3) \"binary[p\" que producen un error de incremento de \u00edndice que conduce a una corrupci\u00f3n de memoria fuera de l\u00edmites."
}
],
"id": "CVE-2004-1013",
"lastModified": "2024-11-20T23:49:54.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13274/"
},
{
"source": "cve@mitre.org",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-31-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110123023521619\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13274/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.e-matters.de/advisories/152004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-31-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The binfmt functionality in the Linux kernel, when \"memory overcommit\" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary."
},
{
"lang": "es",
"value": "La funcionalidad binfmt en el kernel de linux, cuando est\u00e1 establecido memory overcommit, permite a usuarios locales causar una denegaci\u00f3n de servicio (kernel oops) mediante un binario a.out malformado."
}
],
"id": "CVE-2004-1074",
"lastModified": "2024-11-20T23:50:02.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110322596918807\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=linux-kernel\u0026m=110021173607372\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11754"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18290"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110322596918807\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=linux-kernel\u0026m=110021173607372\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2005/0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-07 11:28
Modified
2024-11-21 00:22
Severity ?
Summary
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | privacy_guard | 1.2.4 | |
| gnu | privacy_guard | 1.2.5 | |
| gnu | privacy_guard | 1.2.6 | |
| gnu | privacy_guard | 1.2.7 | |
| gnu | privacy_guard | 1.3.3 | |
| gnu | privacy_guard | 1.3.4 | |
| gnu | privacy_guard | 1.4 | |
| gnu | privacy_guard | 1.4.1 | |
| gnu | privacy_guard | 1.4.2 | |
| gnu | privacy_guard | 1.4.2.1 | |
| gnu | privacy_guard | 1.4.2.2 | |
| gnu | privacy_guard | 1.4.3 | |
| gnu | privacy_guard | 1.4.4 | |
| gnu | privacy_guard | 1.4.5 | |
| gnu | privacy_guard | 1.9.10 | |
| gnu | privacy_guard | 1.9.15 | |
| gnu | privacy_guard | 1.9.20 | |
| gnu | privacy_guard | 2.0 | |
| gnu | privacy_guard | 2.0.1 | |
| gpg4win | gpg4win | 1.0.7 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | enterprise_linux_desktop | 4.0 | |
| redhat | fedora_core | core_5.0 | |
| redhat | fedora_core | core6 | |
| redhat | linux_advanced_workstation | 2.1 | |
| rpath | linux | 1 | |
| slackware | slackware_linux | 11.0 | |
| ubuntu | ubuntu_linux | 5.10 | |
| ubuntu | ubuntu_linux | 6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "76CAFD24-E53F-488C-BD9F-BE31D30828AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D3628A-3BDD-4C6F-AE7D-C81FC3EE1630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "74589745-A9A6-44DB-B4F0-B61B663ECA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2B99CB-5950-42E7-ACD5-38457CBE9095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D81AF47A-56BA-4D90-A4D4-D7A37333A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E55DBB73-EF6C-4C46-9E5A-7C35D7FD190C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "205C014A-236B-44CF-A92D-B4D6392FF9A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F412ECF0-DA84-47B8-98FD-06019C9E63E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE04D970-A467-4648-B99C-895BA8BEE79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C79DC753-35CB-46FA-BDE4-650BD1730505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F54DA969-ABAA-4021-9EC3-C30A45D1A7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B68B13-DC1F-46AB-B360-D04E48A0939F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE65D839-7798-4DE4-AA89-765E91FC6A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B256D201-D3E1-472F-8B4F-8D6D5D763003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1151E8-E9D3-4244-9765-B06D07848AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.15:*:*:*:*:*:*:*",
"matchCriteriaId": "345FBFB9-7FA3-4F7D-B605-A38054744F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.20:*:*:*:*:*:*:*",
"matchCriteriaId": "859126BF-7327-4C54-AE2E-4A961911C937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7461ED0D-1DC2-4019-BEC0-2E9AF2724371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FA38E-5BF1-4CDA-AB4F-19150FD3EE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gpg4win:gpg4win:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "047F3D25-1795-494A-93AC-9AF80AC72680",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*",
"matchCriteriaId": "E007512B-2A01-4915-82D1-EDDEE8ED3190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74022B69-6557-4746-9080-24E4DDA44026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE3B4BE-7B43-47C7-823A-C019DF12498F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9460AD-229A-4DC2-BFBA-818640A464AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory."
},
{
"lang": "es",
"value": "Una vulnerabilidad de \"escritura en pila\" en GnuPG (gpg) 1.x anterior a la 1.4.6, 2.x anterior a la 2.0.2 y 1.9.0 hasta la 1.9.95 permite a atacantes ejecutar c\u00f3digo de su elecci\u00f3n mediante paquetes OpenPGP artesanales que provocan que GnuPG haga referencia a un puntero a funci\u00f3n que est\u00e1 en memoria (en la pila) que ya ha sido liberada."
}
],
"id": "CVE-2006-6235",
"lastModified": "2024-11-21T00:22:13.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-07T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23245"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23250"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23255"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23259"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23269"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23284"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23290"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23299"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23303"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23329"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23335"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23513"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24047"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017349"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "82B7EED3-88ED-4959-9B0D-4593F82B482C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:1.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "9651929E-7E3D-4967-B4EC-BC1D87386A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B03A2FFF-D736-436F-AB01-952C90CC88A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "686E6850-2FFB-4A83-9BBB-9C4FB456294E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7077ABB3-CD11-4E1C-9E34-8EC94C1101F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC21C9C1-C8A2-4879-A604-E1192438A847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF89521-977F-425A-BC5B-9D6F2F778125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "22FC7757-3A91-4E49-92C4-603A403BF7F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.0_alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "6D17A195-4E9E-49C8-878D-D64CB6DB175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.1_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "56A72779-D978-40E4-B2E6-BA7DB94B1FAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.2_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D1923E-96B6-46F6-8E30-3831CA047C7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2BDC99-FA96-4520-9485-F091F0DD4F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE7DA2ED-7300-4736-BE05-8B6DE2CD71C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA0C525-DC15-4C9E-BD7E-967BEF3AED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DD50BC1E-6793-44EE-B563-B1095BD710C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA911A6-2192-42F0-9E60-171B221241C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4475B5-443F-4ECD-B095-4D84F9D5F96D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:carnegie_mellon_university:cyrus_imap_server:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "941DD616-2910-4B61-89E5-5DDAE8E930A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en proxyd de Cyrus IMAP Server 2.2.9 y anteriores, con la opci\u00f3n imapmagicplus establecida, puede permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n, una vulnerabilidad distinta de CAN-2004-1011."
}
],
"id": "CVE-2004-1015",
"lastModified": "2024-11-20T23:49:54.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
},
{
"source": "cve@mitre.org",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-announce\u0026msg=145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200411-34.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18274"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-05 05:00
Modified
2024-11-20 23:54
Severity ?
Summary
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7891202C-62AF-4590-9E5F-3514FDA2B38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "A0A3F7B6-2878-40C0-B59C-EBA8D171D2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*",
"matchCriteriaId": "0EB09993-B837-4352-B09D-3656F62638A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0361EA35-FBD7-4E8F-8625-C8100ED7BB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "29EAA113-2404-4ABB-826B-3AA2AA858D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "E3F7EB61-55A5-4776-B0E7-3508920A6CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "A442DE97-4485-4D95-B95D-58947585E455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*",
"matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*",
"matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*",
"matchCriteriaId": "3BA1504C-14FE-4C21-A801-944041F2946F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "21B69535-4FB6-4FAD-AAA6-C790FF82EFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"matchCriteriaId": "6F4AC452-6042-409D-8673-ACAD108EE3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*",
"matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*",
"matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"matchCriteriaId": "9BCD9C12-EDAB-473F-9CC5-04F06B413720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"matchCriteriaId": "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*",
"matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"matchCriteriaId": "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"matchCriteriaId": "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*",
"matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"matchCriteriaId": "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"matchCriteriaId": "AFDA151E-E614-4A24-A34D-B6D5309110CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*",
"matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "09BFA20B-2F31-4246-8F74-63DF1DB884EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*",
"matchCriteriaId": "5F3B4BA2-8A61-4F9A-8E46-7FA80E7F5514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "4AE93D3D-34B4-47B7-A784-61F4479FF5A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*",
"matchCriteriaId": "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*",
"matchCriteriaId": "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release_p8:*:*:*:*:*:*",
"matchCriteriaId": "6E21E50A-A368-4487-A791-87366CC5C86E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*",
"matchCriteriaId": "43E84296-9B5C-4623-A2C4-431D76FC2765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:release_p3:*:*:*:*:*:*",
"matchCriteriaId": "E18328E2-3CB5-4D36-8EA3-77DD909B46A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:releng:*:*:*:*:*:*",
"matchCriteriaId": "EF73D76B-FBB8-4D10-8393-9FAF53392A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.11:stable:*:*:*:*:*:*",
"matchCriteriaId": "F177AE1C-58C2-4575-807C-ABFFC5119FA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "15C4D826-A419-45F5-B91C-1445DB480916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*",
"matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*",
"matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*",
"matchCriteriaId": "8E4BC012-ADE4-468F-9A25-261CD8055694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*",
"matchCriteriaId": "0D6428EB-5E1A-41CB-979C-4C9402251D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*",
"matchCriteriaId": "2DCA9879-C9F5-475A-8EC9-04D151001C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "0A94132F-4C47-49CC-B03C-8756613E9A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*",
"matchCriteriaId": "46A60ED5-1D92-4B40-956F-D1801CAB9039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*",
"matchCriteriaId": "3F629879-66F0-427B-86D8-D740E0E3F6E8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "67E12F60-B4AF-4EF1-A4AA-5E9F0B8B0690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.1.3_up:*:*:*:*:*:*:*",
"matchCriteriaId": "D953B3BB-F054-4FE9-839E-2D8EC5C7973A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "059218D3-A3AD-4A10-9AA4-FBB689321D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"matchCriteriaId": "3F305CBD-4329-44DE-A85C-DE9FF371425E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses."
}
],
"id": "CVE-2005-0109",
"lastModified": "2024-11-20T23:54:26.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2005-03-05T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=freebsd-hackers\u0026m=110994026421858\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=freebsd-security\u0026m=110994370429609\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=openbsd-misc\u0026m=110995101417256\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/15348"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/18165"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013967"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.daemonology.net/hyperthreading-considered-harmful/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.daemonology.net/papers/htt.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/911878"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-800.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12724"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2005/0540"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2005/3002"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.24/SCOSA-2005.24.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=freebsd-hackers\u0026m=110994026421858\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=freebsd-security\u0026m=110994370429609\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=openbsd-misc\u0026m=110995101417256\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/15348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/18165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101739-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.daemonology.net/hyperthreading-considered-harmful/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.daemonology.net/papers/htt.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/911878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-800.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2005/0540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2005/3002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9747"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kde | konqueror | 2.1.1 | |
| kde | konqueror | 2.1.2 | |
| kde | konqueror | 2.2.1 | |
| kde | konqueror | 2.2.2 | |
| kde | konqueror | 3.0 | |
| kde | konqueror | 3.0.1 | |
| kde | konqueror | 3.0.2 | |
| kde | konqueror | 3.0.3 | |
| kde | konqueror | 3.0.5 | |
| kde | konqueror | 3.0.5b | |
| kde | konqueror | 3.1 | |
| kde | konqueror | 3.1.1 | |
| kde | konqueror | 3.1.2 | |
| kde | konqueror | 3.1.3 | |
| kde | konqueror | 3.1.4 | |
| kde | konqueror | 3.1.5 | |
| kde | konqueror | 3.2.1 | |
| kde | konqueror | 3.2.2.6 | |
| kde | konqueror | 3.2.3 | |
| kde | konqueror | 3.3 | |
| kde | konqueror | 3.3.1 | |
| kde | konqueror | 3.3.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kde:konqueror:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "417F34FB-A6B0-4090-BDC9-6D4C1BF0D3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61416A22-7309-4890-80B8-6E7C09C7BE8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F918814C-F129-4534-921A-38AF678A7016",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D435E39F-4F70-481B-9225-B072B79BEB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD68BAB-8945-4A22-938E-12C01D0111D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3220BF-B0AF-4C90-89BD-B425EE58021D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA53FB7A-AF7F-45B2-AF23-11B1FC4EC289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "619EB7F6-8694-4344-A4C9-A35DA58391AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7FED2DFC-592C-4FD3-B0B7-C670C78F56DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.0.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC65385-B190-44BE-9AF8-B14F48303046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7BAE27-7AB1-4DBD-98AD-6109F0D9A458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8A54F6-96A9-44B8-97C8-50DA7276708D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1001754B-8EDB-41A2-9D5D-6E2A2B556DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D57D87-3E6A-4A73-85BA-EE679E9DA8D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "60BE888B-FE26-4378-B853-29995A55920C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99E4FC9B-F47C-4BD5-B2C7-23CBAD2D5488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0172B167-5780-4F80-ACC9-2FB8B60D6717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E24B7C8D-FD99-429B-86C2-D508A0D6FBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0DB31D-D075-409C-9ED9-A9E1D96332CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9FBD50-02B9-459D-8600-57897E195A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED38ED0A-3213-4F0C-A76D-DC88B8E5CFBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:konqueror:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0102A8-7149-425C-9956-FB3640BFFA85",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the \"window injection\" vulnerability."
}
],
"id": "CVE-2004-1158",
"lastModified": "2024-11-20T23:50:14.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110296048613575\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13254"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13477"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13486"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13560"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041213-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11853"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110296048613575\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/multiple_browsers_window_injection_vulnerability_test/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/secunia_research/2004-13/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041213-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11056"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-21 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:enscript:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39EAF297-5A25-4ACC-B904-A3FBBDCCC142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:enscript:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDCE031-29D1-4F98-BF92-24E12CA6CE45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:enscript:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B899B3C7-9D38-44E8-A2C5-A7B2A3C87C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E366EE3-E642-4C8D-9C8A-C39D1575D125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:enscript:1.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C04B03C2-C586-4495-B8E4-D5DECCFA2684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24957DD9-A63D-4982-B417-1AF27F005AE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:enscript:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "574D0C28-047F-49B0-BBAE-5DA861939F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
"matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
"matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters."
}
],
"id": "CVE-2004-1184",
"lastModified": "2024-11-20T23:50:17.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/35074"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012965"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-654"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12329"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/68-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/68-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-01 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_iptables:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7377733D-3EA6-421F-A82A-6CB6BDD84357",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B988FF88-E782-4581-9E24-CDE7E1734258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers."
}
],
"id": "CVE-2004-0986",
"lastModified": "2024-11-20T23:49:50.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-026.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-580"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:125"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11570"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2252"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17928"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-81-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-026.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-81-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-23 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdflib:pdf_library:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A70D7A-D552-49A4-9E6F-B014BF195D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wxgtk2:wxgtk2:2.5_.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2814035-2888-43B9-B597-2CBF17C56FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de b\u00fafer, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ficheros TIFF."
}
],
"id": "CVE-2004-0803",
"lastModified": "2024-11-20T23:49:26.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
},
{
"source": "cve@mitre.org",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scary.beasts.org/security/CESA-2004-006.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/948752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kde.org/info/security/advisory-20041209-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-577.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8896"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-16 20:19
Modified
2024-11-21 00:29
Severity ?
Summary
lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | fedora_core | core_5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A423B773-6B8B-4BA3-80A1-C8CAEF4D9BBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "40D8DAE0-8E75-435C-9BD6-FAEED2ACB47C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6172AF57-B26D-45F8-BE3A-F75ABDF28F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked."
},
{
"lang": "es",
"value": "lharc.c en lha no crea archivos temporales de forma segura, lo cual podr\u00eda permitir a usuarios locales leer o escribir archivos creando un archivo antes de que LHA sea invocado."
}
],
"id": "CVE-2007-2030",
"lastModified": "2024-11-21T00:29:44.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-16T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37049"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25519"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:117"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24336"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34063"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n",
"lastModified": "2007-04-18T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netatalk | open_source_apple_file_share_protocol_suite | 1.5_pre6 | |
| netatalk | open_source_apple_file_share_protocol_suite | 1.6.1 | |
| netatalk | open_source_apple_file_share_protocol_suite | 1.6.4 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 9.2 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.0 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux | 10.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netatalk:open_source_apple_file_share_protocol_suite:1.5_pre6:*:*:*:*:*:*:*",
"matchCriteriaId": "D6228C14-971D-43E4-B6CD-B368E82E5139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netatalk:open_source_apple_file_share_protocol_suite:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F2A69EB-1705-414F-A6C2-C99597EE2146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netatalk:open_source_apple_file_share_protocol_suite:1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A363D8A-3544-48A1-99EE-040685CF5444",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files."
}
],
"id": "CVE-2004-0974",
"lastModified": "2024-11-20T23:49:48.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2004/0050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-06 05:00
Modified
2024-11-20 23:48
Severity ?
Summary
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "4D1E6298-EDF5-438F-8DFD-16A514CB938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:i686:*:*:*:*:*",
"matchCriteriaId": "75D77C6F-2125-4548-86ED-70A48E2D335A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:athlon:*:*:*:*:*",
"matchCriteriaId": "36393930-7292-4AEC-8E1E-3D0019934AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:athlon_smp:*:*:*:*:*",
"matchCriteriaId": "C2618F2F-042B-4938-A7C8-2C2D1C387D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i386:*:*:*:*:*",
"matchCriteriaId": "862D6BE3-0712-4745-A0A6-EE6B3F1542AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i386_src:*:*:*:*:*",
"matchCriteriaId": "41A053DD-92F8-4DC7-B331-D462AF3CEB19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i586:*:*:*:*:*",
"matchCriteriaId": "28076543-85FB-4ED8-9EB2-F3C235CC2D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i586_smp:*:*:*:*:*",
"matchCriteriaId": "8A2D5C8E-D36C-4DF2-B02B-A7AEA5E2F89B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i686:*:*:*:*:*",
"matchCriteriaId": "B965D3F0-6FF5-405D-BF47-B59D3B264E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i686_smp:*:*:*:*:*",
"matchCriteriaId": "DA772F5D-5C17-4FEA-AD80-8FCC82627817",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n ubsec_keysetup del controlador de Linux Broadcom 5820 cryptonet permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante una variable add_dsa_buf_bytes negativa, lo que conduce a un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2004-0619",
"lastModified": "2024-11-20T23:48:59.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11936"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10599"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-047.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-27 21:30
Modified
2024-11-21 00:31
Severity ?
Summary
Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | fedora_core | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:*:*:networkmanager:*:*:*:*:*",
"matchCriteriaId": "599701E0-08AA-4998-8E7D-C79DA6E120A5",
"versionEndIncluding": "0.6.5-3.fc7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funci\u00f3n wpa_printf en el c\u00f3digo de depuraci\u00f3n de wpa_supplicant en el paquete Fedora NetworkManager versiones anteriores a 0.6.5-3.fc7 permite a atacantes remotos con la complicidad del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante tramas mal formadas en una red WPA2.\r\nNOTA: algunos de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2007-2874",
"lastModified": "2024-11-21T00:31:52.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-07-27T21:30:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-0186"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/46833"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-June/msg00032.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/2053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-0186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/46833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-package-announce/2007-June/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2053"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | 1.7 | |
| mozilla | mozilla | 1.7.1 | |
| mozilla | mozilla | 1.7.2 | |
| mozilla | thunderbird | 0.7 | |
| mozilla | thunderbird | 0.7.1 | |
| mozilla | thunderbird | 0.7.2 | |
| mozilla | thunderbird | 0.7.3 | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_1.0 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 7.3 | |
| redhat | linux | 9.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| suse | suse_linux | 1.0 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the \"Send page\" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname."
}
],
"id": "CVE-2004-0902",
"lastModified": "2024-11-20T23:49:38.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669"
},
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066"
},
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316"
},
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200409-26.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-16 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:desktop_10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49A34783-39EF-471A-9B8B-72CBF2BB3E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:server_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42FB8BA2-8651-4806-9172-0E03F6B7AAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:server_8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79B0F1A4-BE4C-4A33-B1F5-9C158B228D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE73E6EB-6712-4DD8-847B-67CCA9A8E0A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1066BFAC-0156-4440-A32B-BC1B5228DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
],
"id": "CVE-2004-0827",
"lastModified": "2024-11-20T23:49:30.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28800"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samba | samba | 3.0.0 | |
| samba | samba | 3.0.1 | |
| samba | samba | 3.0.2 | |
| samba | samba | 3.0.2a | |
| samba | samba | 3.0.3 | |
| samba | samba | 3.0.4 | |
| samba | samba | 3.0.4 | |
| samba | samba | 3.0.5 | |
| samba | samba | 3.0.6 | |
| samba | samba | 3.0.7 | |
| conectiva | linux | 10.0 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F84FB25B-5EA5-48DC-B528-E8CCF714C919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "216145B7-4716-42F7-90DC-03884ECB2271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "898968E5-577E-4B86-A804-EBEC67157A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "920EF846-41D1-429D-AF0F-3D7950F93069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8016DC4F-F410-4401-BDCC-91BE0D44D028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC94A2CF-85DF-4BB5-8F78-470A3454C3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "632D2489-3B5E-466E-A6DF-1EF00303869B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC116E5-B739-4E18-AA51-FFF59EBCA08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small \"maximum data bytes\" value."
}
],
"id": "CVE-2004-0882",
"lastModified": "2024-11-20T23:49:35.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110054671403755\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110055646329581\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13189"
},
{
"source": "cve@mitre.org",
"url": "http://security.e-matters.de/advisories/132004.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012235"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/p-038.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/457622"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/11782"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.net/errata/2004/0058/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18070"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110054671403755\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110055646329581\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.e-matters.de/advisories/132004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/p-038.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/457622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/11782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.net/errata/2004/0058/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9969"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | |
| easy_software_products | cups | 1.0.4_8 | |
| easy_software_products | cups | 1.1.1 | |
| easy_software_products | cups | 1.1.4 | |
| easy_software_products | cups | 1.1.4_2 | |
| easy_software_products | cups | 1.1.4_3 | |
| easy_software_products | cups | 1.1.4_5 | |
| easy_software_products | cups | 1.1.6 | |
| easy_software_products | cups | 1.1.7 | |
| easy_software_products | cups | 1.1.10 | |
| easy_software_products | cups | 1.1.12 | |
| easy_software_products | cups | 1.1.13 | |
| easy_software_products | cups | 1.1.14 | |
| easy_software_products | cups | 1.1.15 | |
| easy_software_products | cups | 1.1.16 | |
| easy_software_products | cups | 1.1.17 | |
| easy_software_products | cups | 1.1.18 | |
| easy_software_products | cups | 1.1.19 | |
| easy_software_products | cups | 1.1.19_rc5 | |
| easy_software_products | cups | 1.1.20 | |
| easy_software_products | cups | 1.1.21 | |
| easy_software_products | cups | 1.1.22_rc1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2406EA53-15E7-4CFE-850B-D3CF3FA8560A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funci\u00f3n ParseCommand en hpgl-input.c del programa hpgltops de CUPS 1.1.22 permite a atacantes remotos ejecutar c\u00f3digo arbitrario medianet un fichero HPGL artesanal."
}
],
"id": "CVE-2004-1267",
"lastModified": "2024-11-20T23:50:28.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18604"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/50-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en el sistema de ficheros de samba (smbfs) en los kernel de Linux 2.4 y 2.6 permite a servidores samba remotos causar una denegaci\u00f3n de servicio (ca\u00edda) u obtener informaci\u00f3n sensible de la memoria del kernel mediante un servidor samba \r\n\r\nque devuelva m\u00e1s datos de los solicitados a la funci\u00f3n smb_proc_read\r\nque devuelva un desplazamiento de datos de fuera del paquete samba a la funci\u00f3n smb_proc_readX, \r\nque env\u00ede una cierto paquete fragmentado TRANS2 a la funci\u00f3n smb_receive_trans2, \r\nque env\u00ede un paquete samba con un cierto tama\u00f1o de cabecera a la funci\u00f3n smb_proc_readX, o \r\n que env\u00ede un cierto desplazamiento basado en el paquete para los datos en un paquete a la funci\u00f3n smb_receive_trans2"
}
],
"id": "CVE-2004-0883",
"lastModified": "2024-11-20T23:49:36.097",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110082989725345\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13232/"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/726198"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18134"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18135"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18136"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110072140811965\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110082989725345\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13232/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.e-matters.de/advisories/142004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/726198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10330"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| samba | samba | 3.0.0 | |
| samba | samba | 3.0.3 | |
| samba | samba | 3.0.4 | |
| samba | samba | 3.0.5 | |
| samba | samba | 3.0.6 | |
| samba | samba | 3.0.7 | |
| sgi | samba | 3.0 | |
| sgi | samba | 3.0.1 | |
| sgi | samba | 3.0.2 | |
| sgi | samba | 3.0.3 | |
| sgi | samba | 3.0.4 | |
| sgi | samba | 3.0.5 | |
| sgi | samba | 3.0.6 | |
| sgi | samba | 3.0.7 | |
| conectiva | linux | 10.0 | |
| gentoo | linux | * | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 2.1 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux | 3.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 | |
| redhat | linux_advanced_workstation | 2.1 | |
| redhat | linux_advanced_workstation | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F84FB25B-5EA5-48DC-B528-E8CCF714C919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8016DC4F-F410-4401-BDCC-91BE0D44D028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC94A2CF-85DF-4BB5-8F78-470A3454C3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC116E5-B739-4E18-AA51-FFF59EBCA08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0:*:irix:*:*:*:*:*",
"matchCriteriaId": "F23093A1-6B11-4116-99C9-A5C6FA4A4B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0.1:*:irix:*:*:*:*:*",
"matchCriteriaId": "3183B6F2-C3EB-4C9D-8489-DA1159480992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0.2:*:irix:*:*:*:*:*",
"matchCriteriaId": "051BA8CA-86BD-45BF-93D6-D85E8FB5D46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0.3:*:irix:*:*:*:*:*",
"matchCriteriaId": "630FE403-9714-4949-9419-40F748638657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0.4:*:irix:*:*:*:*:*",
"matchCriteriaId": "17EE6A8B-6C32-40B4-81F7-070A51178D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0.5:*:irix:*:*:*:*:*",
"matchCriteriaId": "9080B59D-3E86-4731-9453-EF1E27451245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0.6:*:irix:*:*:*:*:*",
"matchCriteriaId": "C69C662B-E08D-44BD-9793-8304426F071F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:samba:3.0.7:*:irix:*:*:*:*:*",
"matchCriteriaId": "5AF07D75-8643-4761-A847-A9F7D3D6E5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters."
}
],
"id": "CVE-2004-0930",
"lastModified": "2024-11-20T23:49:42.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109993720717957\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=156\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:131"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11624"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17987"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-22-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20041201-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109993720717957\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110330519803655\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101783-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200411-21.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=156\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_40_samba.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-22-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
"matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
"matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
"matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
"matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
"matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
"matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
"matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
"matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
"matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
"matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
"matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
"matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
"matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
"matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
"matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
"matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
"matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
"matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
"matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
"matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
"matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
"matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
"matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
"matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
"matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
"matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
"matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code."
},
{
"lang": "es",
"value": "El cargador binfmt_loader (binfmt_elf.c) del kernel de Linux 2.4.x a 2.4.27, y 2.6.x a 2.6.8 no maneja adecuadamente una llamada fallida a la funci\u00f3n nmap, lo que produce una imagen incorrectamente mapeada y puede permitir a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n."
}
],
"id": "CVE-2004-1071",
"lastModified": "2024-11-20T23:50:01.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19607"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "cve@mitre.org",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9917"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-04-27 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ascii:ptex:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE020D3-0F38-4F53-AFB7-B4E98EAC659F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cstex:cstetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E16058D9-AC8B-4A7C-865F-93B476348363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.110:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB6AE42-D493-43E5-A97C-76C8450E5881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
"matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
"matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
"matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
"matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
"matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
"matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "739A56F5-B19A-4B92-B9CB-04ECE4FFE204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:advanced_linux_environment:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A05AC3EE-6292-4ECC-9680-048A12FCE723",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
"matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
"matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
},
{
"lang": "es",
"value": "El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podr\u00eda dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales."
}
],
"id": "CVE-2005-0206",
"lastModified": "2024-11-20T23:54:38.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-04-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-27 05:00
Modified
2024-11-20 23:55
Severity ?
Summary
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "361D407D-A4BE-491D-BC8E-32E78DC4A8F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*",
"matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D073E9-E535-4B36-BEF2-8499536E37DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value."
}
],
"id": "CVE-2005-0750",
"lastModified": "2024-11-20T23:55:49.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-27T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-284.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/12911"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-283.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-284.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| easy_software_products | cups | 1.0.4 | |
| easy_software_products | cups | 1.0.4_8 | |
| easy_software_products | cups | 1.1.1 | |
| easy_software_products | cups | 1.1.4 | |
| easy_software_products | cups | 1.1.4_2 | |
| easy_software_products | cups | 1.1.4_3 | |
| easy_software_products | cups | 1.1.4_5 | |
| easy_software_products | cups | 1.1.6 | |
| easy_software_products | cups | 1.1.7 | |
| easy_software_products | cups | 1.1.10 | |
| easy_software_products | cups | 1.1.12 | |
| easy_software_products | cups | 1.1.13 | |
| easy_software_products | cups | 1.1.14 | |
| easy_software_products | cups | 1.1.15 | |
| easy_software_products | cups | 1.1.16 | |
| easy_software_products | cups | 1.1.17 | |
| easy_software_products | cups | 1.1.18 | |
| easy_software_products | cups | 1.1.19 | |
| easy_software_products | cups | 1.1.19_rc5 | |
| easy_software_products | cups | 1.1.20 | |
| easy_software_products | cups | 1.1.21 | |
| easy_software_products | cups | 1.1.22_rc1 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
"matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
"matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
"matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2406EA53-15E7-4CFE-850B-D3CF3FA8560A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail."
}
],
"id": "CVE-2004-1269",
"lastModified": "2024-11-20T23:50:28.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18608"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/50-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://tigger.uic.edu/~jlongs2/holes/cups2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/50-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-09 05:00
Modified
2024-11-20 23:55
Severity ?
Summary
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| conectiva | linux | 10.0 | |
| linux | linux_kernel | 2.6.0 | |
| linux | linux_kernel | 2.6.1 | |
| linux | linux_kernel | 2.6.2 | |
| linux | linux_kernel | 2.6.3 | |
| linux | linux_kernel | 2.6.4 | |
| linux | linux_kernel | 2.6.5 | |
| linux | linux_kernel | 2.6.6 | |
| linux | linux_kernel | 2.6.7 | |
| linux | linux_kernel | 2.6.8 | |
| linux | linux_kernel | 2.6.9 | |
| linux | linux_kernel | 2.6.10 | |
| linux | linux_kernel | 2.6.11 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux_desktop | 4.0 | |
| redhat | fedora_core | core_2.0 | |
| redhat | fedora_core | core_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
"matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events."
}
],
"id": "CVE-2005-0736",
"lastModified": "2024-11-20T23:55:47.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://linux.bkbits.net:8080/linux-2.6/cset%40422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html%7CChangeSet%40-1d"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12763"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/95-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.bkbits.net:8080/linux-2.6/cset%40422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html%7CChangeSet%40-1d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/95-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}