All the vulnerabilites related to sun - java_desktop_system
Vulnerability from fkie_nvd
Published
2008-12-11 15:30
Modified
2024-11-21 00:54
Severity ?
Summary
Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | ray_server_software | 3.0 | |
| sun | ray_server_software | 3.1 | |
| sun | ray_server_software | 4.0 | |
| sun | solaris | 8 | |
| sun | solaris | 9 | |
| sun | solaris | 10 | |
| sun | ray_server_software | 3.1 | |
| sun | ray_server_software | 4.0 | |
| sun | solaris | 10 | |
| sun | ray_server_software | 3.1.1 | |
| sun | ray_server_software | 4.0 | |
| novell | suse_linux_enterprise_server | 9 | |
| redhat | enterprise_linux | 4 | |
| sun | ray_server_software | 3.0 | |
| sun | ray_server_software | 3.1 | |
| sun | java_desktop_system | 2.0 | |
| novell | suse_linux_enterprise_server | 8 | |
| redhat | enterprise_linux | 3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7D0CE9C1-18FF-4E85-B570-1A9771616559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "42C7BEE0-2BB5-4945-A352-380E6B89115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "CAE615D0-41D5-46DD-86D4-B226068C58A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DBDFD8C-371E-42D2-9635-D8CDD1775984",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*",
"matchCriteriaId": "14CFA6D3-A611-4DF0-97AB-C30B79833DFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7FBA68F0-4577-46F5-A754-D365B6EFF872",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "6017DA4B-4B2C-4611-9DFC-25C4F429515C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "5B17D330-9E56-478F-A2C2-D4524B04CC5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*",
"matchCriteriaId": "E79CFAA6-A08A-4C70-A3D9-B02C29A17FF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "FD210ED7-C05B-45D2-BE3F-19ED9E8AB274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "2621BD59-0ED4-402E-98EB-0F643078F4CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "18BE709B-6EEB-489D-B982-6D0D978D1D20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "0D89C3A6-C174-4D55-8DB8-343627516967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "1E517321-3661-4C8C-9404-E90933FD10D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "11873A8B-1C1F-4AD8-86AE-B3AEB58F58CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:8:*:*:*:*:*:*:*",
"matchCriteriaId": "03633A39-A07A-41B1-BF47-3DA3591F7896",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "80220C9F-4E73-448C-8E2E-F1AECAD56419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors."
},
{
"lang": "es",
"value": "Sun Sun Ray Server Software v3.1 a v4.0 no restringe el acceso apropiadamente, lo que permite a atacantes remotos descubrir la contrase\u00f1a de administraci\u00f3n de Sun Ray y obtener acceso admin a el Data Store y la Administration GUI, mediante vectores no especificados."
}
],
"id": "CVE-2008-5422",
"lastModified": "2024-11-21T00:54:04.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-12-11T15:30:00.457",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33108"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32769"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021383"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47253"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-16 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:desktop_10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49A34783-39EF-471A-9B8B-72CBF2BB3E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:server_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42FB8BA2-8651-4806-9172-0E03F6B7AAD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:server_8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79B0F1A4-BE4C-4A33-B1F5-9C158B228D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE73E6EB-6712-4DD8-847B-67CCA9A8E0A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1066BFAC-0156-4440-A32B-BC1B5228DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
],
"id": "CVE-2004-0827",
"lastModified": "2024-11-20T23:49:30.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28800"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
],
"id": "CVE-2004-0802",
"lastModified": "2024-11-20T23:49:26.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-16 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxprinting.org | foomatic-filters | 3.0 | |
| linuxprinting.org | foomatic-filters | 3.0.1 | |
| linuxprinting.org | foomatic-filters | 3.0.2 | |
| linuxprinting.org | foomatic-filters | 3.1 | |
| sun | java_desktop_system | 2.0 | |
| sun | java_desktop_system | 2003 | |
| conectiva | linux | 9.0 | |
| conectiva | linux | 10.0 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxprinting.org:foomatic-filters:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2642AF2-7F39-4130-8DAE-189CA2B3918B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxprinting.org:foomatic-filters:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C984403A-384F-4AFE-825C-F0C9723BC725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxprinting.org:foomatic-filters:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD50E11-BE32-413A-B987-C8A23D7F61C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxprinting.org:foomatic-filters:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "144B2808-54D9-4497-8FF8-EBADF248A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands."
}
],
"id": "CVE-2004-0801",
"lastModified": "2024-11-20T23:49:26.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000880"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12557/"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20312"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:094"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2004_31_cups.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11184"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.net/errata/2004/0047/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12557/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.novell.com/linux/security/advisories/2004_31_cups.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.trustix.net/errata/2004/0047/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17388"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | a2ps | 4.13 | |
| gnu | a2ps | 4.13b | |
| sun | java_desktop_system | 2.0 | |
| sun | java_desktop_system | 2003 | |
| suse | suse_linux | 8 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:a2ps:4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AC69D9F0-0F97-43AA-929D-432865098239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:a2ps:4.13b:*:*:*:*:*:*:*",
"matchCriteriaId": "59EB22BD-FA9C-4715-A948-3309E3AD1F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename."
}
],
"id": "CVE-2004-1170",
"lastModified": "2024-11-20T23:50:16.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/283134"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110598355226660\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12375"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1\u0026searchclause="
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:140"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securiteam.com/unixfocus/5MP0N2KDPA.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/419765/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11025"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/283134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110598355226660\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1\u0026searchclause="
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securiteam.com/unixfocus/5MP0N2KDPA.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/419765/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17127"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
],
"id": "CVE-2004-0817",
"lastModified": "2024-11-20T23:49:29.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-11 15:30
Modified
2024-11-21 00:54
Severity ?
Summary
Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | ray_server_software | 3.0 | |
| sun | ray_server_software | 3.1 | |
| sun | ray_server_software | 4.0 | |
| sun | solaris | 8 | |
| sun | solaris | 9 | |
| sun | solaris | 10 | |
| sun | ray_server_software | 3.1 | |
| sun | ray_server_software | 4.0 | |
| sun | solaris | 10 | |
| sun | ray_windows_connector | 1.1 | |
| sun | ray_windows_connector | 2.0 | |
| sun | ray_server_software | 3.1 | |
| sun | ray_server_software | 4.0 | |
| sun | ray_windows_connector | 1.1 | |
| sun | ray_windows_connector | 2.0 | |
| sun | ray_server_software | 3.1 | |
| sun | ray_server_software | 4.0 | |
| sun | ray_windows_connector | 1.1 | |
| sun | ray_windows_connector | 2.0 | |
| sun | ray_server_software | 3.1.1 | |
| sun | ray_server_software | 4.0 | |
| sun | ray_server_software | 3.1.1 | |
| sun | ray_server_software | 4.0 | |
| novell | suse_linux_enterprise_server | 9 | |
| redhat | enterprise_linux | 4 | |
| sun | ray_server_software | 3.0 | |
| sun | ray_server_software | 3.1 | |
| sun | java_desktop_system | 2.0 | |
| novell | suse_linux_enterprise_server | 8 | |
| redhat | enterprise_linux | 3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7D0CE9C1-18FF-4E85-B570-1A9771616559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "42C7BEE0-2BB5-4945-A352-380E6B89115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "CAE615D0-41D5-46DD-86D4-B226068C58A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6DBDFD8C-371E-42D2-9635-D8CDD1775984",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*",
"matchCriteriaId": "14CFA6D3-A611-4DF0-97AB-C30B79833DFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7FBA68F0-4577-46F5-A754-D365B6EFF872",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "6017DA4B-4B2C-4611-9DFC-25C4F429515C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "5B17D330-9E56-478F-A2C2-D4524B04CC5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*",
"matchCriteriaId": "E79CFAA6-A08A-4C70-A3D9-B02C29A17FF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:1.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "BF7DCDD7-B3F1-4350-ACEC-A2D6176C3C99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:2.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "8C672780-F3E2-4EA3-B577-BB3FF8567AE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "42C7BEE0-2BB5-4945-A352-380E6B89115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "CAE615D0-41D5-46DD-86D4-B226068C58A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:1.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "F8A8665A-796E-4209-B76B-13461E9BC88A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:2.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "3998743C-A5B6-4751-9CE7-B964D52B21FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "6017DA4B-4B2C-4611-9DFC-25C4F429515C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "5B17D330-9E56-478F-A2C2-D4524B04CC5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "AE37C26E-746B-4939-A80E-1DC80D78EB83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_windows_connector:2.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "328EAA35-CBAC-4D12-974A-E2934753D0B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "FD210ED7-C05B-45D2-BE3F-19ED9E8AB274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "2621BD59-0ED4-402E-98EB-0F643078F4CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "FD210ED7-C05B-45D2-BE3F-19ED9E8AB274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:4.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "2621BD59-0ED4-402E-98EB-0F643078F4CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "18BE709B-6EEB-489D-B982-6D0D978D1D20",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "0D89C3A6-C174-4D55-8DB8-343627516967",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "1E517321-3661-4C8C-9404-E90933FD10D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:ray_server_software:3.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "11873A8B-1C1F-4AD8-86AE-B3AEB58F58CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:8:*:*:*:*:*:*:*",
"matchCriteriaId": "03633A39-A07A-41B1-BF47-3DA3591F7896",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "80220C9F-4E73-448C-8E2E-F1AECAD56419",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector."
},
{
"lang": "es",
"value": "Sun Ray Server Software v3.x y v4.0 y Sun Ray Windows Connector v1.1 y v2.0 exponen la contrase\u00f1a LDAP durante un paso de configuraci\u00f3n, lo que permite a usuarios locales descubrir la contrase\u00f1a de administraci\u00f3n de Sun Ray y obtener acceso admin a el Data Store y el Administration GUI, mediante vectores no especificados relacionados con el componente utconfig de el Server Software y el componente uttscadm de el Windows Connector."
}
],
"id": "CVE-2008-5423",
"lastModified": "2024-11-21T00:54:04.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-12-11T15:30:00.487",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33108"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33119"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021379"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32772"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3407"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47258"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2004-0827
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.vupen.com/english/advisories/2008/0412 | vdb-entry, x_refsource_VUPEN | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.debian.org/security/2004/dsa-547 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2004-494.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.redhat.com/support/errata/RHSA-2004-480.html | vendor-advisory, x_refsource_REDHAT | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1 | vendor-advisory, x_refsource_SUNALERT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17173 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/28800 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11123",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28800"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:11123",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28800"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:11123",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
},
{
"name": "ADV-2008-0412",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0412"
},
{
"name": "201006",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
},
{
"name": "DSA-547",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-547"
},
{
"name": "RHSA-2004:494",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
},
{
"name": "RHSA-2004:480",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
},
{
"name": "231321",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
},
{
"name": "imagemagick-bmp-Bo(17173)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
},
{
"name": "28800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28800"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0827",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-02T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5422
Vulnerability from cvelistv5
Published
2008-12-11 15:00
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm | x_refsource_CONFIRM | |
| http://secunia.com/advisories/33108 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32769 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47253 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/3406 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1021383 | vdb-entry, x_refsource_SECTRACK | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1 | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:45.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm"
},
{
"name": "33108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33108"
},
{
"name": "32769",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32769"
},
{
"name": "rayserver-unspecified-security-bypass(47253)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47253"
},
{
"name": "ADV-2008-3406",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"name": "1021383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021383"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"name": "240365",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm"
},
{
"name": "33108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33108"
},
{
"name": "32769",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32769"
},
{
"name": "rayserver-unspecified-security-bypass(47253)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47253"
},
{
"name": "ADV-2008-3406",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"name": "1021383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021383"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"name": "240365",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-502.htm"
},
{
"name": "33108",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33108"
},
{
"name": "32769",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32769"
},
{
"name": "rayserver-unspecified-security-bypass(47253)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47253"
},
{
"name": "ADV-2008-3406",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"name": "1021383",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021383"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"name": "240365",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240365-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5422",
"datePublished": "2008-12-11T15:00:00",
"dateReserved": "2008-12-11T00:00:00",
"dateUpdated": "2024-08-07T10:56:45.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0817
Vulnerability from cvelistv5
Published
2004-09-17 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2004-465.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.debian.org/security/2004/dsa-548 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:089 | vendor-advisory, x_refsource_MANDRAKE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17182 | vdb-entry, x_refsource_XF | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.securityfocus.com/bid/11084 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:465",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
},
{
"name": "DSA-548",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-548"
},
{
"name": "MDKSA-2004:089",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
},
{
"name": "imlib-bmp-bo(17182)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
},
{
"name": "201611",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "11084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "oval:org.mitre.oval:def:8843",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
},
{
"name": "GLSA-200409-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0817",
"datePublished": "2004-09-17T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0802
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
References
| ▼ | URL | Tags |
|---|---|---|
| http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup | x_refsource_MISC | |
| http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html | x_refsource_CONFIRM | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 | vendor-advisory, x_refsource_CONECTIVA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17183 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/11084 | vdb-entry, x_refsource_BID | |
| http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup",
"refsource": "MISC",
"url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
},
{
"name": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html",
"refsource": "CONFIRM",
"url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
},
{
"name": "201611",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
},
{
"name": "CLA-2004:870",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
},
{
"name": "imlib2-bmp-bo(17183)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
},
{
"name": "11084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11084"
},
{
"name": "MDKSA-2004:089",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
},
{
"name": "GLSA-200409-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0802",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0801
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SA:2004:031",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_31_cups.html"
},
{
"name": "1000757",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1"
},
{
"name": "SCOSA-2005.12",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt"
},
{
"name": "SUSE-SA:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0007.html"
},
{
"name": "foomatic-command-execution(17388)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17388"
},
{
"name": "CLA-2004:880",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000880"
},
{
"name": "2004-0047",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.net/errata/2004/0047/"
},
{
"name": "MDKSA-2004:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:094"
},
{
"name": "11184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11184"
},
{
"name": "12557",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12557/"
},
{
"name": "201005",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1"
},
{
"name": "20312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SA:2004:031",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_31_cups.html"
},
{
"name": "1000757",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1"
},
{
"name": "SCOSA-2005.12",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt"
},
{
"name": "SUSE-SA:2006:026",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0007.html"
},
{
"name": "foomatic-command-execution(17388)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17388"
},
{
"name": "CLA-2004:880",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000880"
},
{
"name": "2004-0047",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.net/errata/2004/0047/"
},
{
"name": "MDKSA-2004:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:094"
},
{
"name": "11184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11184"
},
{
"name": "12557",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12557/"
},
{
"name": "201005",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1"
},
{
"name": "20312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2004:031",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_31_cups.html"
},
{
"name": "1000757",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000757.1-1"
},
{
"name": "SCOSA-2005.12",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.12/SCOSA-2005.12.txt"
},
{
"name": "SUSE-SA:2006:026",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0007.html"
},
{
"name": "foomatic-command-execution(17388)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17388"
},
{
"name": "CLA-2004:880",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000880"
},
{
"name": "2004-0047",
"refsource": "TRUSTIX",
"url": "http://www.trustix.net/errata/2004/0047/"
},
{
"name": "MDKSA-2004:094",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:094"
},
{
"name": "11184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11184"
},
{
"name": "12557",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12557/"
},
{
"name": "201005",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201005-1"
},
{
"name": "20312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0801",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-08-25T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5423
Vulnerability from cvelistv5
Published
2008-12-11 15:00
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/33119 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/32772 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/33108 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/47258 | vdb-entry, x_refsource_XF | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1 | x_refsource_CONFIRM | |
| http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1021379 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/3406 | vdb-entry, x_refsource_VUPEN | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2008/3407 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:45.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33119"
},
{
"name": "32772",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32772"
},
{
"name": "33108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33108"
},
{
"name": "rayserver-raywinconnector-security-bypass(47258)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47258"
},
{
"name": "240506",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm"
},
{
"name": "1021379",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021379"
},
{
"name": "ADV-2008-3406",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"name": "ADV-2008-3407",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3407"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33119",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33119"
},
{
"name": "32772",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32772"
},
{
"name": "33108",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33108"
},
{
"name": "rayserver-raywinconnector-security-bypass(47258)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47258"
},
{
"name": "240506",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm"
},
{
"name": "1021379",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021379"
},
{
"name": "ADV-2008-3406",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"name": "ADV-2008-3407",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3407"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors related to the utconfig component of the Server Software and the uttscadm component of the Windows Connector."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33119",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33119"
},
{
"name": "32772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32772"
},
{
"name": "33108",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33108"
},
{
"name": "rayserver-raywinconnector-security-bypass(47258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47258"
},
{
"name": "240506",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240506-1"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127556-03-1"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-500.htm"
},
{
"name": "1021379",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021379"
},
{
"name": "ADV-2008-3406",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3406"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127553-04-1"
},
{
"name": "ADV-2008-3407",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3407"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5423",
"datePublished": "2008-12-11T15:00:00",
"dateReserved": "2008-12-11T00:00:00",
"dateUpdated": "2024-08-07T10:56:45.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1170
Vulnerability from cvelistv5
Published
2004-12-10 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bugs.debian.org/283134 | x_refsource_CONFIRM | |
| http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html | mailing-list, x_refsource_FULLDISC | |
| http://marc.info/?l=bugtraq&m=110598355226660&w=2 | vendor-advisory, x_refsource_OPENPKG | |
| http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html | vendor-advisory, x_refsource_SUSE | |
| http://www.securiteam.com/unixfocus/5MP0N2KDPA.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/419765/100/0/threaded | vendor-advisory, x_refsource_FEDORA | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1&searchclause= | vendor-advisory, x_refsource_SUNALERT | |
| http://secunia.com/advisories/12375 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17127 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:140 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.securityfocus.com/bid/11025 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:01.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/283134"
},
{
"name": "20040824 a2ps executing shell commands from file name",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html"
},
{
"name": "OpenPKG-SA-2005.003",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110598355226660\u0026w=2"
},
{
"name": "SUSE-SA:2004:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/unixfocus/5MP0N2KDPA.html"
},
{
"name": "FLSA:152870",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/419765/100/0/threaded"
},
{
"name": "57649",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1\u0026searchclause="
},
{
"name": "12375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12375"
},
{
"name": "gnu-a2ps-gain-privileges(17127)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17127"
},
{
"name": "MDKSA-2004:140",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:140"
},
{
"name": "11025",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11025"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/283134"
},
{
"name": "20040824 a2ps executing shell commands from file name",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html"
},
{
"name": "OpenPKG-SA-2005.003",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110598355226660\u0026w=2"
},
{
"name": "SUSE-SA:2004:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/unixfocus/5MP0N2KDPA.html"
},
{
"name": "FLSA:152870",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/419765/100/0/threaded"
},
{
"name": "57649",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1\u0026searchclause="
},
{
"name": "12375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12375"
},
{
"name": "gnu-a2ps-gain-privileges(17127)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17127"
},
{
"name": "MDKSA-2004:140",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:140"
},
{
"name": "11025",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11025"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1170",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/283134",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/283134"
},
{
"name": "20040824 a2ps executing shell commands from file name",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html"
},
{
"name": "OpenPKG-SA-2005.003",
"refsource": "OPENPKG",
"url": "http://marc.info/?l=bugtraq\u0026m=110598355226660\u0026w=2"
},
{
"name": "SUSE-SA:2004:034",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_34_xfree86_libs_xshared.html"
},
{
"name": "http://www.securiteam.com/unixfocus/5MP0N2KDPA.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/unixfocus/5MP0N2KDPA.html"
},
{
"name": "FLSA:152870",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/419765/100/0/threaded"
},
{
"name": "57649",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57649-1\u0026searchclause="
},
{
"name": "12375",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12375"
},
{
"name": "gnu-a2ps-gain-privileges(17127)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17127"
},
{
"name": "MDKSA-2004:140",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:140"
},
{
"name": "11025",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11025"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1170",
"datePublished": "2004-12-10T05:00:00",
"dateReserved": "2004-12-09T00:00:00",
"dateUpdated": "2024-08-08T00:39:01.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}