Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2005-03-02 05:00

Modified

2024-11-20 23:55

Severity ?

Summary

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

References

URL	Tags
cve@mitre.org	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt
cve@mitre.org	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U
cve@mitre.org	http://bugs.gentoo.org/show_bug.cgi?id=83598	Patch, Vendor Advisory
cve@mitre.org	http://bugs.gentoo.org/show_bug.cgi?id=83655	Patch, Vendor Advisory
cve@mitre.org	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
cve@mitre.org	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
cve@mitre.org	http://secunia.com/advisories/14460
cve@mitre.org	http://secunia.com/advisories/18049
cve@mitre.org	http://secunia.com/advisories/18316
cve@mitre.org	http://secunia.com/advisories/19624
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200503-08.xml	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1013339	Patch, Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2005/dsa-723	Patch, Vendor Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-044.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-198.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-331.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-412.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-473.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2008-0261.html
cve@mitre.org	http://www.securityfocus.com/bid/12714	Patch, Vendor Advisory
cve@mitre.org	https://bugs.freedesktop.org/attachment.cgi?id=1909	Vendor Advisory
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411
cve@mitre.org	https://usn.ubuntu.com/92-1/
cve@mitre.org	https://usn.ubuntu.com/97-1/
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=83598	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=83655	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14460
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18049
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18316
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19624
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200503-08.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1013339	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-723	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-044.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-198.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-331.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-412.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-473.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0261.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12714	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugs.freedesktop.org/attachment.cgi?id=1909	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/92-1/
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/97-1/

Impacted products

Vendor	Product	Version
lesstif	lesstif	0.93.94
sgi	propack	3.0
x.org	x11r6	6.7.0
x.org	x11r6	6.8
x.org	x11r6	6.8.1
xfree86_project	x11r6	3.3
xfree86_project	x11r6	3.3.2
xfree86_project	x11r6	3.3.3
xfree86_project	x11r6	3.3.4
xfree86_project	x11r6	3.3.5
xfree86_project	x11r6	3.3.6
xfree86_project	x11r6	4.0
xfree86_project	x11r6	4.0.1
xfree86_project	x11r6	4.0.2.11
xfree86_project	x11r6	4.0.3
xfree86_project	x11r6	4.1.0
xfree86_project	x11r6	4.1.11
xfree86_project	x11r6	4.1.12
xfree86_project	x11r6	4.2.0
xfree86_project	x11r6	4.2.1
xfree86_project	x11r6	4.2.1
xfree86_project	x11r6	4.3.0
xfree86_project	x11r6	4.3.0.1
xfree86_project	x11r6	4.3.0.2
altlinux	alt_linux	2.3
altlinux	alt_linux	2.3
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
suse	suse_linux	6.1
suse	suse_linux	6.1
suse	suse_linux	6.2
suse	suse_linux	6.3
suse	suse_linux	6.3
suse	suse_linux	6.3
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.2
suse	suse_linux	7.2
suse	suse_linux	7.3
suse	suse_linux	7.3
suse	suse_linux	7.3
suse	suse_linux	7.3
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.2
suse	suse_linux	9.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "63A4B331-2868-46E3-9734-DC3AEFD2F756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76FFBC43-2178-48DF-B61E-CCBA4682AC5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F506308-E878-4AA5-B5D5-A7E148D63947",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D129D08C-AF18-4F9D-9781-64B8C1CFD65E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE887A26-0590-40DE-ACE2-28A30E5228AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23FF2D1C-D328-49BE-87CF-938FB533180B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEECB0ED-A5C9-4675-9CEB-AD6C19EDA7D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B43D5F86-97B2-4175-8ED7-1F937850F9DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0946A224-6A0C-4DE3-89F9-200682431737",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33E5444-E178-4F49-BDA1-DE576D8526EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BCC09AA-AB01-4583-8052-66DBF0E1861D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E49FAA6-E146-4AD5-845E-9445C7D9F088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "43425C85-806B-4823-AD74-D0A0465FC8DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "90FA67D9-8296-4534-8354-51B830DE3499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A000C67-7EA3-47A7-9068-1C8744C182D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "25EDDB93-DD20-4DBE-962B-6334D5A7CB45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AC4F566-5D54-4364-B5AA-F846A0C8FCEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F9D1BD9-4300-43B5-A87B-E2BF74E55C87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*",
              "matchCriteriaId": "F4B7E143-E24B-40D2-897B-6D516566B7F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "837EBF15-6C7D-46B8-8A90-9DFBF2C09FF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E859A205-0DC2-4E28-8FF0-72D66DE9B280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18E8C7B-53AC-4BC7-9E00-A70293172B58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*",
              "matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*",
              "matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "F1D16230-3699-4AAA-9CAE-5CAF34628885",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
              "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
              "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
    }
  ],
  "id": "CVE-2005-0605",
  "lastModified": "2024-11-20T23:55:30.283",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-03-02T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/14460"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18049"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18316"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/19624"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securitytracker.com/id?1013339"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-723"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12714"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/92-1/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/97-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securitytracker.com/id?1013339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/92-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/97-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-07-16 04:00

Modified

2024-11-20 23:36

Severity ?

Summary

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

References

URL	Tags
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000417
cve@mitre.org	http://www.cert.org/advisories/CA-2001-18.html	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.debian.org/security/2001/dsa-068
cve@mitre.org	http://www.kb.cert.org/vuls/id/935800	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/1905
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-098.html
cve@mitre.org	http://www.securityfocus.com/bid/3049	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/6904
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000417
af854a3a-2127-422b-91ae-364da2661108	http://www.cert.org/advisories/CA-2001-18.html	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2001/dsa-068
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/935800	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/1905
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-098.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/3049	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/6904

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_single_network_firewall	7.2
openldap	openldap	1.0
openldap	openldap	1.0.1
openldap	openldap	1.0.2
openldap	openldap	1.0.3
openldap	openldap	1.1
openldap	openldap	1.1.1
openldap	openldap	1.1.2
openldap	openldap	1.1.3
openldap	openldap	1.1.4
openldap	openldap	1.2
openldap	openldap	1.2.1
openldap	openldap	1.2.2
openldap	openldap	1.2.3
openldap	openldap	1.2.4
openldap	openldap	1.2.5
openldap	openldap	1.2.6
openldap	openldap	1.2.7
openldap	openldap	1.2.8
openldap	openldap	1.2.9
openldap	openldap	1.2.10
openldap	openldap	1.2.11
openldap	openldap	1.2.12
openldap	openldap	2.0
openldap	openldap	2.0.1
openldap	openldap	2.0.2
openldap	openldap	2.0.3
openldap	openldap	2.0.4
openldap	openldap	2.0.5
openldap	openldap	2.0.6
openldap	openldap	2.0.7
debian	debian_linux	2.2
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	6.2
redhat	linux	7.0
redhat	linux	7.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "086DC60F-F530-4515-8F3D-87F30DB9B322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D538927-82D5-476E-9C85-2E9297316D44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A904832-A6D6-45D4-B07C-79ED1FE47A80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB554A4-EEC2-4E17-9F32-27A580B9E389",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "191DB249-6A73-4561-8CCA-565D1525CB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34A5D9A5-FB1D-4ACF-846A-4DB73196122C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "41400CE6-FA51-435C-93F7-B31FE42F18AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6022ABEB-6825-4A5F-9884-74F94C2387F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2F15789-334D-460D-B5B3-FCC71087D107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F77B1548-BB6D-4618-AE7B-E97F91A0AF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7064C52-1211-42B8-BF1F-C22D800AED07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CD95826-E44A-48C6-BAAB-77A905CAE6B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEEA6BB6-41FC-4F15-A95F-9B052F062454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E90766C1-6DBD-435C-85E1-920DAFA26D67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD13DAE-9588-4540-9183-FB80C507F985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "526366F3-52F0-4816-A356-8F39B718C048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC07AD0D-5DF9-41A4-8592-CEFF1842355D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "30017C56-42A9-4AF9-B5B3-7357E424F837",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8A51F38-3F5A-4F6D-93EE-776B5C2FF48F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DBEC27E-3220-42CE-B6CC-675F387CB506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E641DFFB-CBAF-4DCF-944F-443CFF836A53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:1.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A552E270-5C9C-40DC-B23D-97C8D995B8FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "552F2E25-DDB8-49A6-844A-8520696DBE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D75A36-41C4-464F-8DC4-42C841ABC087",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C3EE919-D05C-4625-85FE-132F6F2B932C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "20D99A58-8D7E-4586-A9BF-1DD2A1DBB8D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEBA0118-545E-4D7B-B819-34D157B2BA6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "67826609-F4CA-42CB-A5D0-B4503DDE2C92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "61676BBD-95B8-44C9-BD66-79F00381BF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openldap:openldap:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "719A9B1D-8E32-461F-BCD4-F72C6AD3E63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field."
    }
  ],
  "id": "CVE-2001-0977",
  "lastModified": "2024-11-20T23:36:34.800",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-07-16T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2001-18.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2001/dsa-068"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/935800"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/1905"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3049"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2001-18.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2001/dsa-068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/935800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/1905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-08-06 04:00

Modified

2024-11-20 23:48

Severity ?

Summary

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

References

URL	Tags
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
cve@mitre.org	http://lwn.net/Articles/91155/
cve@mitre.org	http://securitytracker.com/id?1010057
cve@mitre.org	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066
cve@mitre.org	http://www.novell.com/linux/security/advisories/2004_10_kernel.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-413.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-418.html
cve@mitre.org	http://www.securityfocus.com/bid/10279	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16062
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
af854a3a-2127-422b-91ae-364da2661108	http://lwn.net/Articles/91155/
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1010057
af854a3a-2127-422b-91ae-364da2661108	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2004_10_kernel.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-413.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-418.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10279	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16062
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	fedora_core	core_1.0
suse	suse_linux	8
suse	suse_linux	8.1
suse	suse_linux	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service."
    },
    {
      "lang": "es",
      "value": "Permisos inseguros en el fichero /proc/scsi/qla2300/HbaApiNode en Linux permite a usuarios locales causar una denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2004-0587",
  "lastModified": "2024-11-20T23:48:55.080",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-06T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lwn.net/Articles/91155/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1010057"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10279"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lwn.net/Articles/91155/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1010057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-04-14 04:00

Modified

2024-11-20 23:54

Severity ?

Summary

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

References

URL	Tags
cve@mitre.org	http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw
cve@mitre.org	http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg
cve@mitre.org	http://secunia.com/advisories/20163
cve@mitre.org	http://secunia.com/advisories/20202
cve@mitre.org	http://secunia.com/advisories/20338
cve@mitre.org	http://securitytracker.com/id?1012885
cve@mitre.org	http://www.debian.org/security/2006/dsa-1067
cve@mitre.org	http://www.debian.org/security/2006/dsa-1069
cve@mitre.org	http://www.debian.org/security/2006/dsa-1070
cve@mitre.org	http://www.debian.org/security/2006/dsa-1082
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
cve@mitre.org	http://www.novell.com/linux/security/advisories/2005_18_kernel.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-017.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-043.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/12261	Patch, Vendor Advisory
cve@mitre.org	http://www.trustix.org/errata/2005/0001/
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18886
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512
af854a3a-2127-422b-91ae-364da2661108	http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw
af854a3a-2127-422b-91ae-364da2661108	http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20163
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20202
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20338
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1012885
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1067
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1069
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1070
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1082
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2005_18_kernel.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-017.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-043.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12261	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2005/0001/
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18886
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512

Impacted products

Vendor	Product	Version
avaya	mn100	*
avaya	network_routing	*
avaya	converged_communications_server	2.0
avaya	s8710	r2.0.0
avaya	s8710	r2.0.1
avaya	modular_messaging_message_storage_server	1.1
avaya	modular_messaging_message_storage_server	2.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.1
linux	linux_kernel	2.4.2
linux	linux_kernel	2.4.3
linux	linux_kernel	2.4.4
linux	linux_kernel	2.4.5
linux	linux_kernel	2.4.6
linux	linux_kernel	2.4.7
linux	linux_kernel	2.4.8
linux	linux_kernel	2.4.9
linux	linux_kernel	2.4.10
linux	linux_kernel	2.4.11
linux	linux_kernel	2.4.12
linux	linux_kernel	2.4.13
linux	linux_kernel	2.4.14
linux	linux_kernel	2.4.15
linux	linux_kernel	2.4.16
linux	linux_kernel	2.4.17
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.20
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.22
linux	linux_kernel	2.4.23
linux	linux_kernel	2.4.23
linux	linux_kernel	2.4.23_ow2
linux	linux_kernel	2.4.24
linux	linux_kernel	2.4.24_ow1
linux	linux_kernel	2.4.25
linux	linux_kernel	2.4.26
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.28
linux	linux_kernel	2.4.29
linux	linux_kernel	2.4.29
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux_desktop	3.0
avaya	intuity_audix	*
mandrakesoft	mandrake_multi_network_firewall	8.2
avaya	s8300	r2.0.0
avaya	s8300	r2.0.1
avaya	s8500	r2.0.0
avaya	s8500	r2.0.1
avaya	s8700	r2.0.0
avaya	s8700	r2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D073442B-D7E7-4E07-AF2D-E22FE65B09A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E942E0E7-0808-479C-B061-66119EBA12E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8710:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B1272B-8B71-4D2D-A5E4-0E7828500C22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8710:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7C7B9C0-91A2-4529-B879-60DE043E719C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E25F5CF2-F891-41CA-A40C-13966F72FDF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7417958C-5321-41D6-9D1A-D16BF5511E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
              "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
              "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
              "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
              "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
              "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
              "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
              "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
              "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
              "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
              "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
              "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
              "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
              "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
              "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
              "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "4F83D55B-3106-4907-A75F-A7EBF0EC6974",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0AFD594E-48BA-4281-8DEE-306E3008ABB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
              "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
              "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file."
    },
    {
      "lang": "es",
      "value": "El soporte de ELF de 64 bits en los kernel de Linux 2.6 anteriores a 2.6.10 en arquitecturas de 64 bits no verifica adecuadamente solapamientos en asignaciones de memoria VMA (virtual memory address), lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda del sistema) o ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero ELF o a.out artesanal."
    }
  ],
  "id": "CVE-2005-0003",
  "lastModified": "2024-11-20T23:54:12.700",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20163"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20202"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20338"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012885"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1067"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1069"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1070"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1082"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12261"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2005/0001/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20202"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012885"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2005/0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-01-10 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

References

URL	Tags
cve@mitre.org	http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258&view=markup
cve@mitre.org	http://www.debian.org/security/2004/dsa-606
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-583.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-014.html
cve@mitre.org	http://www.securityfocus.com/archive/1/426072/30/6740/threaded
cve@mitre.org	http://www.securityfocus.com/bid/11785	Patch, Vendor Advisory
cve@mitre.org	http://www.trustix.org/errata/2004/0065/
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18332
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899
cve@mitre.org	https://www.ubuntu.com/usn/usn-36-1/
af854a3a-2127-422b-91ae-364da2661108	http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258&view=markup
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-606
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-583.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-014.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/426072/30/6740/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11785	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2004/0065/
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18332
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899
af854a3a-2127-422b-91ae-364da2661108	https://www.ubuntu.com/usn/usn-36-1/

Impacted products

Vendor	Product	Version
nfs	nfs-utils	1.0.6
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux_desktop	3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nfs:nfs-utils:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8616115-30AC-4160-B196-D417AF32C7C7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated."
    },
    {
      "lang": "es",
      "value": "statd en nfs-utils 1.257 y anteriores hace caso a la se\u00f1al SIGPIPE, lo que permite a atacanes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de proceso de servidor) mediante una conexi\u00f3n TCP que es terminada prematuramente."
    }
  ],
  "id": "CVE-2004-1014",
  "lastModified": "2024-11-20T23:49:54.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-10T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258\u0026view=markup"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-606"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-583.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-014.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/426072/30/6740/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11785"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2004/0065/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18332"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.ubuntu.com/usn/usn-36-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258\u0026view=markup"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-583.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/426072/30/6740/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2004/0065/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.ubuntu.com/usn/usn-36-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-11-28 05:00

Modified

2024-11-20 23:37

Severity ?

Summary

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.

References

URL	Tags
cve@mitre.org	http://www.kb.cert.org/vuls/id/913704	Patch, US Government Resource
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/8029
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/913704	Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/8029

Impacted products

Vendor	Product	Version
apache	http_server	1.3
apache	http_server	1.3.1
apache	http_server	1.3.3
apache	http_server	1.3.4
apache	http_server	1.3.6
apache	http_server	1.3.9
apache	http_server	1.3.11
apache	http_server	1.3.12
apache	http_server	1.3.14
apache	http_server	1.3.17
apache	http_server	1.3.18
mandrakesoft	mandrake_single_network_firewall	7.2
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.3
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux_corporate_server	1.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "28EC1F94-04F3-490A-8324-1EB60EEBAD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D94958-0D13-4076-B6F0-61D505136789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B22DA22E-54DA-46CF-B3AE-4B0900D8086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F90F496A-5D57-448F-A46F-E15F06CBFD01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "89B58983-633F-4D20-80AE-8E7EB865CF83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "19C8989C-D8A6-4AE9-99B6-F2DAE5999EB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6EE0E2-D608-4E72-A0E5-F407511405C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "33FD6791-3B84-40CA-BCF4-B5637B172F2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DDD2F69-CFD4-4DEA-B43A-1337EEFA95A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A80B17D-FD66-40BD-9ADC-FE7A3944A696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "713ADED4-CBE5-40C3-A128-99CFABF24560",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B58D49AA-BBA0-4496-9A52-3D5C9DAEB58B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories."
    }
  ],
  "id": "CVE-2001-1449",
  "lastModified": "2024-11-20T23:37:43.277",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-11-28T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/913704"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/913704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8029"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:02

Severity ?

Summary

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

References

URL	Tags
secalert@redhat.com	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.com	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	Patch
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2006-0177.html	Patch, Vendor Advisory
secalert@redhat.com	http://scary.beasts.org/security/CESA-2005-003.txt	Exploit
secalert@redhat.com	http://secunia.com/advisories/18147
secalert@redhat.com	http://secunia.com/advisories/18303	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18312	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18313	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18329	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18332	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18334	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18335	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18338	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18349	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18373
secalert@redhat.com	http://secunia.com/advisories/18375	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18380
secalert@redhat.com	http://secunia.com/advisories/18385	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18387	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18389	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18398	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18407	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18414
secalert@redhat.com	http://secunia.com/advisories/18416	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18423	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18425
secalert@redhat.com	http://secunia.com/advisories/18428
secalert@redhat.com	http://secunia.com/advisories/18436
secalert@redhat.com	http://secunia.com/advisories/18448	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18463
secalert@redhat.com	http://secunia.com/advisories/18517	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18534	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18554	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18582	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18642	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18644	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18674	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18675	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18679	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18908	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18913
secalert@redhat.com	http://secunia.com/advisories/19230
secalert@redhat.com	http://secunia.com/advisories/19377
secalert@redhat.com	http://secunia.com/advisories/25729
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.com	http://www.debian.org/security/2005/dsa-931
secalert@redhat.com	http://www.debian.org/security/2005/dsa-932
secalert@redhat.com	http://www.debian.org/security/2005/dsa-937
secalert@redhat.com	http://www.debian.org/security/2005/dsa-938
secalert@redhat.com	http://www.debian.org/security/2005/dsa-940
secalert@redhat.com	http://www.debian.org/security/2006/dsa-936	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-950	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-961	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-962
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	Patch, Vendor Advisory
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
secalert@redhat.com	http://www.kde.org/info/security/advisory-20051207-2.txt	Patch, Vendor Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html	Patch
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html	Patch
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0160.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/16143	Patch
secalert@redhat.com	http://www.trustix.org/errata/2006/0002/
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/0047
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/2280
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/24023
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575
secalert@redhat.com	https://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2006-0177.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://scary.beasts.org/security/CESA-2005-003.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18303	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18312	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18313	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18329	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18332	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18334	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18335	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18338	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18349	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18375	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18385	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18387	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18389	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18398	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18407	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18416	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18423	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18448	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18517	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18534	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18554	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18582	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18642	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18644	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18674	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18675	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18679	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18908	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-936	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-950	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-961	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kde.org/info/security/advisory-20051207-2.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0160.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16143	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24023
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/236-1/

Impacted products

Vendor	Product	Version
easy_software_products	cups	1.1.22
easy_software_products	cups	1.1.22_rc1
easy_software_products	cups	1.1.23
easy_software_products	cups	1.1.23_rc1
kde	kdegraphics	3.2
kde	kdegraphics	3.4.3
kde	koffice	1.4
kde	koffice	1.4.1
kde	koffice	1.4.2
kde	kpdf	3.2
kde	kpdf	3.4.3
kde	kword	1.4.2
libextractor	libextractor	*
poppler	poppler	0.4.2
sgi	propack	3.0
tetex	tetex	1.0.7
tetex	tetex	2.0
tetex	tetex	2.0.1
tetex	tetex	2.0.2
tetex	tetex	3.0
xpdf	xpdf	3.0
conectiva	linux	10.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
gentoo	linux	*
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	fedora_core	core_4.0
redhat	linux	7.3
redhat	linux	9.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
sco	openserver	5.0.7
sco	openserver	6.0
slackware	slackware_linux	9.0
slackware	slackware_linux	9.1
slackware	slackware_linux	10.0
slackware	slackware_linux	10.1
slackware	slackware_linux	10.2
suse	suse_linux	1.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.2
suse	suse_linux	9.2
suse	suse_linux	9.2
suse	suse_linux	9.3
suse	suse_linux	9.3
suse	suse_linux	9.3
suse	suse_linux	10.0
suse	suse_linux	10.0
trustix	secure_linux	2.0
trustix	secure_linux	2.2
trustix	secure_linux	3.0
turbolinux	turbolinux	10
turbolinux	turbolinux	fuji
turbolinux	turbolinux_appliance_server	1.0_hosting_edition
turbolinux	turbolinux_appliance_server	1.0_workgroup_edition
turbolinux	turbolinux_desktop	10.0
turbolinux	turbolinux_home	*
turbolinux	turbolinux_multimedia	*
turbolinux	turbolinux_personal	*
turbolinux	turbolinux_server	8.0
turbolinux	turbolinux_server	10.0
turbolinux	turbolinux_server	10.0_x86
turbolinux	turbolinux_workstation	8.0
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
    }
  ],
  "id": "CVE-2005-3625",
  "lastModified": "2024-11-21T00:02:16.957",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-05-03 04:00

Modified

2024-11-20 23:35

Severity ?

Summary

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html	Patch
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000381
cve@mitre.org	http://www.debian.org/security/2001/dsa-031	Patch, Vendor Advisory
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-018.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-019.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000381
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2001/dsa-031	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-018.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-019.html

Impacted products

Vendor	Product	Version
debian	debian_linux	2.2
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges."
    }
  ],
  "id": "CVE-2001-0279",
  "lastModified": "2024-11-20T23:35:01.100",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-05-03T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000381"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2001/dsa-031"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-018.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-019.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2001/dsa-031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-019.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:53

Severity ?

Summary

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

References

URL	Tags
cve@mitre.org	http://securitytracker.com/id?1010187
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:044	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-770.html	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/10368	Patch
cve@mitre.org	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16188
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1010187
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:044	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-770.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10368	Patch
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16188

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "EFEB74B2-3019-43CC-A1B7-8F0E66A8E410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs."
    }
  ],
  "id": "CVE-2004-2392",
  "lastModified": "2024-11-20T23:53:14.650",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1010187"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:044"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-770.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10368"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1010187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-770.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16188"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:53

Severity ?

Summary

passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.

References

URL	Tags
cve@mitre.org	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/10370	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16179
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10370	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16179

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	9.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent \"safe and proper operation\" of PAM."
    }
  ],
  "id": "CVE-2004-2396",
  "lastModified": "2024-11-20T23:53:15.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10370"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10370"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16179"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-04-27 04:00

Modified

2024-11-20 23:54

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

References

URL	Tags
cve@mitre.org	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt
cve@mitre.org	http://secunia.com/advisories/14255
cve@mitre.org	http://secunia.com/advisories/14276
cve@mitre.org	http://secunia.com/advisories/14303
cve@mitre.org	http://secunia.com/advisories/14795
cve@mitre.org	http://secunia.com/advisories/15007
cve@mitre.org	http://secunia.com/advisories/17414
cve@mitre.org	http://secunia.com/advisories/17415
cve@mitre.org	http://securitytracker.com/id?1013078
cve@mitre.org	http://www.debian.org/security/2005/dsa-680	Patch, Vendor Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:063
cve@mitre.org	http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-073.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-090.html
cve@mitre.org	http://www.securityfocus.com/bid/12442	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/19223
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14255
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14276
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14303
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14795
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/15007
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17414
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17415
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1013078
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-680	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:063
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-073.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-090.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12442	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/19223
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878

Impacted products

Vendor	Product	Version
htdig	htdig	3.1.5
htdig	htdig	3.1.5_7
htdig	htdig	3.1.5_8
htdig	htdig	3.1.6
htdig	htdig	3.2.0
htdig	htdig	3.2.0b2
htdig	htdig	3.2.0b3
htdig	htdig	3.2.0b4
htdig	htdig	3.2.0b5
htdig	htdig	3.2.0b6
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	fedora_core	core_3.0
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1B424C-CCA5-41F5-A022-A57F31E5A8CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.1.5_7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ED8D3ED-DC4B-4D4E-B0C3-61A5723C4EF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.1.5_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "447995AE-E56D-4C78-9842-D0C380D5B36E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A8A8C9D-5667-42CB-8C6D-9FB6896E05C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A77C93-4737-451F-95FA-529D706E5E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.2.0b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC385F4-2846-48F4-8BE1-403B9CE362AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.2.0b3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74EBEB9A-82D9-4B18-85F3-85A8C8CB3D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.2.0b4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EEF5A3E-91AF-4D19-887A-2629432B7873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.2.0b5:*:*:*:*:*:*:*",
              "matchCriteriaId": "52B7F9FD-8F58-4ACF-9787-4EBF906C1623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:htdig:htdig:3.2.0b6:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C1D7AC-17E8-480C-B2B4-F76F13691494",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en ht://dig (htdig) anteriores a 3.1.6r7 permite a atacantes remotos ejecutar script web de su elecci\u00f3n o HTML mediante el par\u00e1metro config, que no es limpiado adecuamante antes de ser mostrado en le mensaje de error."
    }
  ],
  "id": "CVE-2005-0085",
  "lastModified": "2024-11-20T23:54:22.917",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-27T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/14255"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/14276"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/14303"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/14795"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/15007"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17414"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17415"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1013078"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-680"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12442"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/15007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1013078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-680"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. These issues did not affect the versions of htdig as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=144263",
      "lastModified": "2006-08-30T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-03-01 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

References

URL	Tags
cve@mitre.org	http://www.debian.org/security/2004/dsa-586
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:128
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-635.html
cve@mitre.org	http://www.securityfocus.com/bid/11618	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17985
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268
cve@mitre.org	https://usn.ubuntu.com/20-1/
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-586
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:128
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-635.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11618	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17985
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/20-1/

Impacted products

Vendor	Product	Version
yukihiro_matsumoto	ruby	1.6
yukihiro_matsumoto	ruby	1.6.7
yukihiro_matsumoto	ruby	1.8
yukihiro_matsumoto	ruby	1.8.1
yukihiro_matsumoto	ruby	1.8.2_pre1
yukihiro_matsumoto	ruby	1.8.2_pre2
gentoo	linux	*
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:yukihiro_matsumoto:ruby:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "46EE9BA9-DE82-4461-8D05-8B4DA2BAFE19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yukihiro_matsumoto:ruby:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9313467-150B-4231-80E5-35EFD6B64978",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yukihiro_matsumoto:ruby:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "05A4185F-1CE1-48D1-B967-01A96527417B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "551CCA30-00E2-46CF-A05B-FA8F9827CDF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.2_pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AF152DC-D5B5-4692-AA7F-38357A2C48B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:yukihiro_matsumoto:ruby:1.8.2_pre2:*:*:*:*:*:*:*",
              "matchCriteriaId": "724A539F-F54A-4896-9116-89D35350670D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request."
    }
  ],
  "id": "CVE-2004-0983",
  "lastModified": "2024-11-20T23:49:49.990",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-03-01T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-586"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:128"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-635.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11618"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17985"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/20-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:128"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-635.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11618"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17985"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/20-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:02

Severity ?

Summary

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

References

URL	Tags
secalert@redhat.com	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.com	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	Patch, Vendor Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2006-0177.html	Patch, Vendor Advisory
secalert@redhat.com	http://scary.beasts.org/security/CESA-2005-003.txt	Exploit
secalert@redhat.com	http://secunia.com/advisories/18147
secalert@redhat.com	http://secunia.com/advisories/18303	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18312	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18313	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18329	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18332	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18334	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18335	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18338	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18349	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18373
secalert@redhat.com	http://secunia.com/advisories/18375	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18380
secalert@redhat.com	http://secunia.com/advisories/18385	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18387	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18389	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18398	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18407	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18414
secalert@redhat.com	http://secunia.com/advisories/18416	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18423	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18425
secalert@redhat.com	http://secunia.com/advisories/18428
secalert@redhat.com	http://secunia.com/advisories/18436
secalert@redhat.com	http://secunia.com/advisories/18448	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18463
secalert@redhat.com	http://secunia.com/advisories/18517	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18534	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18554	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18582	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18642	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18644	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18674	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18675	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18679	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18908
secalert@redhat.com	http://secunia.com/advisories/18913
secalert@redhat.com	http://secunia.com/advisories/19230
secalert@redhat.com	http://secunia.com/advisories/19377
secalert@redhat.com	http://secunia.com/advisories/25729
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.com	http://www.debian.org/security/2005/dsa-931
secalert@redhat.com	http://www.debian.org/security/2005/dsa-932
secalert@redhat.com	http://www.debian.org/security/2005/dsa-937
secalert@redhat.com	http://www.debian.org/security/2005/dsa-938
secalert@redhat.com	http://www.debian.org/security/2005/dsa-940
secalert@redhat.com	http://www.debian.org/security/2006/dsa-936	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-950	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-961	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-962
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	Patch, Vendor Advisory
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
secalert@redhat.com	http://www.kde.org/info/security/advisory-20051207-2.txt	Patch, Vendor Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html	Patch
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html	Patch
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0160.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/16143	Patch
secalert@redhat.com	http://www.trustix.org/errata/2006/0002/
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/0047
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/2280
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/24026
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992
secalert@redhat.com	https://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2006-0177.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://scary.beasts.org/security/CESA-2005-003.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18303	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18312	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18313	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18329	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18332	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18334	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18335	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18338	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18349	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18375	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18385	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18387	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18389	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18398	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18407	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18416	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18423	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18448	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18517	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18534	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18554	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18582	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18642	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18644	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18674	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18675	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18679	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18913
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-936	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-950	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-961	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-962
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kde.org/info/security/advisory-20051207-2.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0160.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16143	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24026
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/236-1/

Impacted products

Vendor	Product	Version
easy_software_products	cups	1.1.22
easy_software_products	cups	1.1.22_rc1
easy_software_products	cups	1.1.23
easy_software_products	cups	1.1.23_rc1
kde	kdegraphics	3.2
kde	kdegraphics	3.4.3
kde	koffice	1.4
kde	koffice	1.4.1
kde	koffice	1.4.2
kde	kpdf	3.2
kde	kpdf	3.4.3
kde	kword	1.4.2
libextractor	libextractor	*
poppler	poppler	0.4.2
sgi	propack	3.0
tetex	tetex	1.0.7
tetex	tetex	2.0
tetex	tetex	2.0.1
tetex	tetex	2.0.2
tetex	tetex	3.0
xpdf	xpdf	3.0
conectiva	linux	10.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
gentoo	linux	*
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	fedora_core	core_4.0
redhat	linux	7.3
redhat	linux	9.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
sco	openserver	5.0.7
sco	openserver	6.0
slackware	slackware_linux	9.0
slackware	slackware_linux	9.1
slackware	slackware_linux	10.0
slackware	slackware_linux	10.1
slackware	slackware_linux	10.2
suse	suse_linux	1.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.2
suse	suse_linux	9.2
suse	suse_linux	9.2
suse	suse_linux	9.3
suse	suse_linux	9.3
suse	suse_linux	9.3
suse	suse_linux	10.0
suse	suse_linux	10.0
trustix	secure_linux	2.0
trustix	secure_linux	2.2
trustix	secure_linux	3.0
turbolinux	turbolinux	10
turbolinux	turbolinux	fuji
turbolinux	turbolinux_appliance_server	1.0_hosting_edition
turbolinux	turbolinux_appliance_server	1.0_workgroup_edition
turbolinux	turbolinux_desktop	10.0
turbolinux	turbolinux_home	*
turbolinux	turbolinux_multimedia	*
turbolinux	turbolinux_personal	*
turbolinux	turbolinux_server	8.0
turbolinux	turbolinux_server	10.0
turbolinux	turbolinux_server	10.0_x86
turbolinux	turbolinux_workstation	8.0
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
    }
  ],
  "id": "CVE-2005-3626",
  "lastModified": "2024-11-21T00:02:17.183",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18335"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-07-02 04:00

Modified

2024-11-20 23:35

Severity ?

Summary

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html	Patch, Vendor Advisory
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389	Patch
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/5641
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-022.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-023.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/6261
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/5641
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-022.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-023.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/6261

Impacted products

Vendor	Product	Version
licq	licq	*
conectiva	linux	4.0
conectiva	linux	4.0es
conectiva	linux	4.1
conectiva	linux	4.2
conectiva	linux	5.0
freebsd	freebsd	3.5.1
freebsd	freebsd	4.2
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:licq:licq:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C6FC4D2-53F1-448A-82E0-CA189099FF84",
              "versionEndIncluding": "1.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
              "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL."
    }
  ],
  "id": "CVE-2001-0439",
  "lastModified": "2024-11-20T23:35:22.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-07-02T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/5641"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/5641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

References

URL	Tags
cve@mitre.org	http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870	Patch
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089
cve@mitre.org	http://www.securityfocus.com/bid/11084	Patch
cve@mitre.org	http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17183
af854a3a-2127-422b-91ae-364da2661108	http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870	Patch
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11084	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17183

Impacted products

Vendor	Product	Version
enlightenment	imlib	1.9
enlightenment	imlib	1.9.1
enlightenment	imlib	1.9.2
enlightenment	imlib	1.9.3
enlightenment	imlib	1.9.4
enlightenment	imlib	1.9.5
enlightenment	imlib	1.9.6
enlightenment	imlib	1.9.7
enlightenment	imlib	1.9.8
enlightenment	imlib	1.9.9
enlightenment	imlib	1.9.10
enlightenment	imlib	1.9.11
enlightenment	imlib	1.9.12
enlightenment	imlib	1.9.13
enlightenment	imlib	1.9.14
enlightenment	imlib2	1.0
enlightenment	imlib2	1.0.1
enlightenment	imlib2	1.0.2
enlightenment	imlib2	1.0.3
enlightenment	imlib2	1.0.4
enlightenment	imlib2	1.0.5
enlightenment	imlib2	1.1
enlightenment	imlib2	1.1.1
imagemagick	imagemagick	5.3.3
imagemagick	imagemagick	5.4.3
imagemagick	imagemagick	5.4.4.5
imagemagick	imagemagick	5.4.7
imagemagick	imagemagick	5.4.8
imagemagick	imagemagick	5.4.8.2.1.1.0
imagemagick	imagemagick	5.5.3.2.1.2.0
imagemagick	imagemagick	5.5.6.0_2003-04-09
imagemagick	imagemagick	5.5.7
imagemagick	imagemagick	6.0.2
sun	java_desktop_system	2.0
sun	java_desktop_system	2003
conectiva	linux	9.0
conectiva	linux	10.0
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux_desktop	3.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.2
turbolinux	turbolinux_desktop	10.0
turbolinux	turbolinux_server	7.0
turbolinux	turbolinux_server	8.0
turbolinux	turbolinux_workstation	7.0
turbolinux	turbolinux_workstation	8.0
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
              "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
    }
  ],
  "id": "CVE-2004-0802",
  "lastModified": "2024-11-20T23:49:26.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11084"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2003-08-27 04:00

Modified

2024-11-20 23:44

Severity ?

Summary

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).

References

URL	Tags
cve@mitre.org	http://www.debian.org/security/2004/dsa-358
cve@mitre.org	http://www.debian.org/security/2004/dsa-423	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-198.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-238.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-239.html
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-358
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-423	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-198.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-238.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-239.html
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.1
linux	linux_kernel	2.4.2
linux	linux_kernel	2.4.3
linux	linux_kernel	2.4.4
linux	linux_kernel	2.4.5
linux	linux_kernel	2.4.6
linux	linux_kernel	2.4.7
linux	linux_kernel	2.4.8
linux	linux_kernel	2.4.9
linux	linux_kernel	2.4.10
linux	linux_kernel	2.4.11
linux	linux_kernel	2.4.12
linux	linux_kernel	2.4.13
linux	linux_kernel	2.4.14
linux	linux_kernel	2.4.15
linux	linux_kernel	2.4.16
linux	linux_kernel	2.4.17
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.20
linux	linux_kernel	2.4.21
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	9.0
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash)."
    },
    {
      "lang": "es",
      "value": "Una condici\u00f3n de carrera en la manera que los punteros env_start y env_end son inicializados en la llamada al sistema execve y usada en fs/proc/base.c en Linux 2.4 permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda)."
    }
  ],
  "id": "CVE-2003-0462",
  "lastModified": "2024-11-20T23:44:47.803",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 1.2,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-08-27T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-358"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-423"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-358"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-23 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

References

URL	Tags
cve@mitre.org	http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html
cve@mitre.org	http://www.alighieri.org/advisories/advisory-mpg123.txt
cve@mitre.org	http://www.debian.org/security/2004/dsa-564	Patch, Vendor Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml
cve@mitre.org	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100
cve@mitre.org	http://www.securityfocus.com/archive/1/374433
cve@mitre.org	http://www.securityfocus.com/bid/11121
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17287
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html
af854a3a-2127-422b-91ae-364da2661108	http://www.alighieri.org/advisories/advisory-mpg123.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-564	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/374433
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11121
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17287

Impacted products

Vendor	Product	Version
mpg123	mpg123	0.59r
mpg123	mpg123	0.59s
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mpg123:mpg123:0.59r:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EEF7E-C6BB-4669-81D2-68AABF8A7686",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mpg123:mpg123:0.59s:*:*:*:*:*:*:*",
              "matchCriteriaId": "1144518D-4069-4903-9B45-56C0E97BC992",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en layer2.c en mpg123 0.59r y posiblemente en mpg123 0.59s permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ciertos ficheros mp3 o mp2."
    }
  ],
  "id": "CVE-2004-0805",
  "lastModified": "2024-11-20T23:49:27.170",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-23T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.alighieri.org/advisories/advisory-mpg123.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-564"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/374433"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/11121"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.alighieri.org/advisories/advisory-mpg123.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/374433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/11121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17287"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-04-14 04:00

Modified

2024-11-20 23:50

Severity ?

Summary

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

References

URL	Tags
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
cve@mitre.org	http://isec.pl/vulnerabilities/isec-0021-uselib.txt
cve@mitre.org	http://marc.info/?l=bugtraq&m=110512575901427&w=2
cve@mitre.org	http://secunia.com/advisories/20162
cve@mitre.org	http://secunia.com/advisories/20163
cve@mitre.org	http://secunia.com/advisories/20202
cve@mitre.org	http://secunia.com/advisories/20338
cve@mitre.org	http://www.debian.org/security/2006/dsa-1067
cve@mitre.org	http://www.debian.org/security/2006/dsa-1069
cve@mitre.org	http://www.debian.org/security/2006/dsa-1070
cve@mitre.org	http://www.debian.org/security/2006/dsa-1082
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
cve@mitre.org	http://www.novell.com/linux/security/advisories/2005_01_sr.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-016.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-017.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-043.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-092.html
cve@mitre.org	http://www.securityfocus.com/advisories/7804
cve@mitre.org	http://www.securityfocus.com/advisories/7805
cve@mitre.org	http://www.securityfocus.com/advisories/7806
cve@mitre.org	http://www.securityfocus.com/bid/12190	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://www.trustix.org/errata/2005/0001/
cve@mitre.org	https://bugzilla.fedora.us/show_bug.cgi?id=2336
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18800
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
af854a3a-2127-422b-91ae-364da2661108	http://isec.pl/vulnerabilities/isec-0021-uselib.txt
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110512575901427&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20162
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20163
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20202
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20338
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1067
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1069
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1070
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1082
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2005_01_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-016.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-017.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-043.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-092.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/advisories/7804
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/advisories/7805
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/advisories/7806
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12190	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2005/0001/
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.fedora.us/show_bug.cgi?id=2336
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18800
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567

Impacted products

Vendor	Product	Version
avaya	mn100	*
avaya	network_routing	*
avaya	converged_communications_server	2.0
avaya	s8710	r2.0.0
avaya	s8710	r2.0.1
avaya	modular_messaging_message_storage_server	1.1
avaya	modular_messaging_message_storage_server	2.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.1
linux	linux_kernel	2.4.2
linux	linux_kernel	2.4.3
linux	linux_kernel	2.4.4
linux	linux_kernel	2.4.5
linux	linux_kernel	2.4.6
linux	linux_kernel	2.4.7
linux	linux_kernel	2.4.8
linux	linux_kernel	2.4.9
linux	linux_kernel	2.4.10
linux	linux_kernel	2.4.11
linux	linux_kernel	2.4.12
linux	linux_kernel	2.4.13
linux	linux_kernel	2.4.14
linux	linux_kernel	2.4.15
linux	linux_kernel	2.4.16
linux	linux_kernel	2.4.17
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.20
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.22
linux	linux_kernel	2.4.23
linux	linux_kernel	2.4.23
linux	linux_kernel	2.4.23_ow2
linux	linux_kernel	2.4.24
linux	linux_kernel	2.4.24_ow1
linux	linux_kernel	2.4.25
linux	linux_kernel	2.4.26
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.27
linux	linux_kernel	2.4.28
linux	linux_kernel	2.4.29
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.1
linux	linux_kernel	2.6.1
linux	linux_kernel	2.6.1
linux	linux_kernel	2.6.2
linux	linux_kernel	2.6.3
linux	linux_kernel	2.6.4
linux	linux_kernel	2.6.5
linux	linux_kernel	2.6.6
linux	linux_kernel	2.6.6
linux	linux_kernel	2.6.7
linux	linux_kernel	2.6.7
linux	linux_kernel	2.6.8
linux	linux_kernel	2.6.8
linux	linux_kernel	2.6.8
linux	linux_kernel	2.6.8
linux	linux_kernel	2.6.9
linux	linux_kernel	2.6.10
linux	linux_kernel	2.6.10
linux	linux_kernel	2.6_test9_cvs
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	linux	7.3
redhat	linux	9.0
suse	suse_linux	1.0
suse	suse_linux	8
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.2
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1
avaya	intuity_audix	*
mandrakesoft	mandrake_multi_network_firewall	8.2
avaya	s8300	r2.0.0
avaya	s8300	r2.0.1
avaya	s8500	r2.0.0
avaya	s8500	r2.0.1
avaya	s8700	r2.0.0
avaya	s8700	r2.0.1
conectiva	linux	10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D073442B-D7E7-4E07-AF2D-E22FE65B09A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E942E0E7-0808-479C-B061-66119EBA12E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8710:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B1272B-8B71-4D2D-A5E4-0E7828500C22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8710:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7C7B9C0-91A2-4529-B879-60DE043E719C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E25F5CF2-F891-41CA-A40C-13966F72FDF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7417958C-5321-41D6-9D1A-D16BF5511E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
              "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
              "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
              "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
              "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
              "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
              "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
              "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
              "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
              "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
              "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
              "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
              "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
              "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
              "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
              "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "0AFD594E-48BA-4281-8DEE-306E3008ABB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*",
              "matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*",
              "matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*",
              "matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*",
              "matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*",
              "matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*",
              "matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*",
              "matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*",
              "matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*",
              "matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*",
              "matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*",
              "matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*",
              "matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*",
              "matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
              "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
              "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*",
              "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor."
    },
    {
      "lang": "es",
      "value": "Condici\u00f3n de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n manipulando el descriptor WMA."
    }
  ],
  "id": "CVE-2004-1235",
  "lastModified": "2024-11-20T23:50:25.770",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20162"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20163"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20202"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20338"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1067"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1069"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1070"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1082"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/advisories/7804"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/advisories/7805"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/advisories/7806"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12190"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2005/0001/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20202"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/advisories/7804"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/advisories/7805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/advisories/7806"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12190"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2005/0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-02-09 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

References

URL	Tags
cve@mitre.org	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300	Issue Tracking
cve@mitre.org	http://marc.info/?l=bugtraq&m=109910073808903&w=2	Third Party Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200410-16.xml	Third Party Advisory
cve@mitre.org	http://www.debian.org/security/2004/dsa-577	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:149	Third Party Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-489.html	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/11295	Patch, Third Party Advisory, VDB Entry, Vendor Advisory
cve@mitre.org	http://www.trustix.org/errata/2004/0050	Third Party Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583	Third Party Advisory, VDB Entry
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360	Broken Link
cve@mitre.org	https://www.ubuntu.com/usn/usn-6-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=109910073808903&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200410-16.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-577	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:149	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-489.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11295	Patch, Third Party Advisory, VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2004/0050	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://www.ubuntu.com/usn/usn-6-1/	Third Party Advisory

Impacted products

Vendor	Product	Version
postgresql	postgresql	*
postgresql	postgresql	*
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux_desktop	3.0
trustix	secure_linux	2.0
trustix	secure_linux	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7125EA95-D4D6-4247-802D-3C8E1038FFCA",
              "versionEndExcluding": "7.3.8",
              "versionStartIncluding": "7.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12C3EA0D-E4B3-471B-977A-E07EC391F3A8",
              "versionEndExcluding": "7.4.6",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files."
    }
  ],
  "id": "CVE-2004-0977",
  "lastModified": "2024-11-20T23:49:49.077",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-02-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=109910073808903\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200410-16.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-577"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:149"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-489.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11295"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.trustix.org/errata/2004/0050"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.ubuntu.com/usn/usn-6-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=109910073808903\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200410-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-577"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-489.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.trustix.org/errata/2004/0050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.ubuntu.com/usn/usn-6-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-06-21 20:30

Modified

2024-11-21 00:31

Severity ?

Summary

Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.

References

▼	URL	Tags
	cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929
	cve@mitre.org	http://secunia.com/advisories/26987
	cve@mitre.org	http://www.debian.org/security/2007/dsa-1316
	cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:133
	cve@mitre.org	http://www.novell.com/linux/security/advisories/2007_19_sr.html
	cve@mitre.org	http://www.securityfocus.com/bid/24570
	cve@mitre.org	http://www.securitytracker.com/id?1018277
	cve@mitre.org	http://www.ubuntu.com/usn/usn-504-1
	cve@mitre.org	https://issues.rpath.com/browse/RPL-1490
	af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26987
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1316
	af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:133
	af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_19_sr.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24570
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018277
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-504-1
	af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1490

Impacted products

Vendor	Product	Version
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
gnu	emacs	21

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "EFB8DE9F-2130-49E9-85EE-6793ED9FBEED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*",
              "matchCriteriaId": "7731A395-328A-4435-A388-1419224A4256",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation."
    },
    {
      "lang": "es",
      "value": "Emacs 21 permite a atacantes con la intervenci\u00f3n del usuario provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de ciertas im\u00e1genes modificadas, como lo demostrado a trav\u00e9s de im\u00e1genes GIF en el modo vm, relacionado con el c\u00e1lculo del tama\u00f1o de la imagen."
    }
  ],
  "id": "CVE-2007-2833",
  "lastModified": "2024-11-21T00:31:46.377",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-06-21T20:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/26987"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2007/dsa-1316"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24570"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018277"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-504-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1316"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018277"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-504-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1490"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat does not consider a user-assisted crash of a user application such as Emacs to be a security issue.\n",
      "lastModified": "2007-06-26T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

References

URL	Tags
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870	Patch
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
cve@mitre.org	http://www.debian.org/security/2004/dsa-548	Patch, Vendor Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:089
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-465.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/11084	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17182
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870	Patch
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-548	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:089
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-465.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11084	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17182
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843

Impacted products

Vendor	Product	Version
enlightenment	imlib	1.9
enlightenment	imlib	1.9.1
enlightenment	imlib	1.9.2
enlightenment	imlib	1.9.3
enlightenment	imlib	1.9.4
enlightenment	imlib	1.9.5
enlightenment	imlib	1.9.6
enlightenment	imlib	1.9.7
enlightenment	imlib	1.9.8
enlightenment	imlib	1.9.9
enlightenment	imlib	1.9.10
enlightenment	imlib	1.9.11
enlightenment	imlib	1.9.12
enlightenment	imlib	1.9.13
enlightenment	imlib	1.9.14
enlightenment	imlib2	1.0
enlightenment	imlib2	1.0.1
enlightenment	imlib2	1.0.2
enlightenment	imlib2	1.0.3
enlightenment	imlib2	1.0.4
enlightenment	imlib2	1.0.5
enlightenment	imlib2	1.1
enlightenment	imlib2	1.1.1
imagemagick	imagemagick	5.3.3
imagemagick	imagemagick	5.4.3
imagemagick	imagemagick	5.4.4.5
imagemagick	imagemagick	5.4.7
imagemagick	imagemagick	5.4.8
imagemagick	imagemagick	5.4.8.2.1.1.0
imagemagick	imagemagick	5.5.3.2.1.2.0
imagemagick	imagemagick	5.5.6.0_2003-04-09
imagemagick	imagemagick	5.5.7
imagemagick	imagemagick	6.0.2
sun	java_desktop_system	2.0
sun	java_desktop_system	2003
conectiva	linux	9.0
conectiva	linux	10.0
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux_desktop	3.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.2
turbolinux	turbolinux_desktop	10.0
turbolinux	turbolinux_server	7.0
turbolinux	turbolinux_server	8.0
turbolinux	turbolinux_workstation	7.0
turbolinux	turbolinux_workstation	8.0
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
              "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
    }
  ],
  "id": "CVE-2004-0817",
  "lastModified": "2024-11-20T23:49:29.053",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-548"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11084"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-03-12 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

References

URL	Tags
cve@mitre.org	http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01
cve@mitre.org	http://marc.info/?l=bugtraq&m=97916374410647&w=2
cve@mitre.org	http://www.kb.cert.org/vuls/id/579928	US Government Resource
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3	Patch
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-116.html
cve@mitre.org	http://www.securityfocus.com/bid/2191	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5914
af854a3a-2127-422b-91ae-364da2661108	http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=97916374410647&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/579928	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-116.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/2191	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5914

Impacted products

Vendor	Product	Version
immunix	immunix	7.0_beta
mandrakesoft	mandrake_linux	6.0
mandrakesoft	mandrake_linux	6.1
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	7.0
trustix	secure_linux	1.1
trustix	secure_linux	1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack."
    }
  ],
  "id": "CVE-2001-0117",
  "lastModified": "2024-11-20T23:34:38.553",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.2,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-03-12T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/579928"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2191"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/579928"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-02-09 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

References

URL	Tags
cve@mitre.org	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302
cve@mitre.org	http://secunia.com/advisories/12973
cve@mitre.org	http://www.debian.org/security/2004/dsa-603
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-476.html
cve@mitre.org	http://www.securityfocus.com/bid/11293	Patch, Vendor Advisory
cve@mitre.org	http://www.trustix.org/errata/2004/0050
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12973
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-603
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-476.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11293	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2004/0050
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
openssl	openssl	0.9.6
openssl	openssl	0.9.6a
openssl	openssl	0.9.6b
openssl	openssl	0.9.6c
openssl	openssl	0.9.6d
openssl	openssl	0.9.6e
openssl	openssl	0.9.6f
openssl	openssl	0.9.6g
openssl	openssl	0.9.6h
openssl	openssl	0.9.6i
openssl	openssl	0.9.6j
openssl	openssl	0.9.6k
openssl	openssl	0.9.6l
openssl	openssl	0.9.6m
openssl	openssl	0.9.7c
openssl	openssl	0.9.7d
gentoo	linux	*
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E4742C-A983-4F00-B24F-AB280C0E876D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A0628DF-3A4C-4078-B615-22260671EABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "962FCB86-15AD-4399-8B7D-EC1DEA919C59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
              "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
              "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
              "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
              "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
              "matchCriteriaId": "2636B92E-47D5-42EA-9585-A2B84FBE71CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
              "matchCriteriaId": "72FE2F46-2D0C-4C90-AFBE-D2E7B496D6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
              "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE6CBD6-D6DD-4BC5-93F6-FDEA70163336",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files."
    }
  ],
  "id": "CVE-2004-0975",
  "lastModified": "2024-11-20T23:49:48.753",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-02-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/12973"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-603"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11293"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2004/0050"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/12973"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2004/0050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-03-12 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=97846489313059&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=97958594330100&w=2
cve@mitre.org	http://www.beedub.com/exmh/symlink.html	Patch, Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2001/dsa-022
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5829
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=97846489313059&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=97958594330100&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.beedub.com/exmh/symlink.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2001/dsa-022
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5829

Impacted products

Vendor	Product	Version
exmh	exmh	*
debian	debian_linux	2.2
mandrakesoft	mandrake_linux	6.0
mandrakesoft	mandrake_linux	6.1
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:exmh:exmh:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9AE88C1-653D-4CD3-AB78-038E7CB60F09",
              "versionEndIncluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file."
    }
  ],
  "id": "CVE-2001-0125",
  "lastModified": "2024-11-20T23:34:39.687",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.2,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-03-12T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=97846489313059\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=97958594330100\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.beedub.com/exmh/symlink.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2001/dsa-022"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5829"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=97846489313059\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=97958594330100\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.beedub.com/exmh/symlink.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2001/dsa-022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5829"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-03-14 05:00

Modified

2024-11-20 23:55

Severity ?

Summary

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

References

URL	Tags
secalert@redhat.com	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933
secalert@redhat.com	http://gaim.sourceforge.net/security/index.php?id=11
secalert@redhat.com	http://marc.info/?l=bugtraq&m=110935655500670&w=2
secalert@redhat.com	http://secunia.com/advisories/14322
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml
secalert@redhat.com	http://www.kb.cert.org/vuls/id/523888	Patch, Third Party Advisory, US Government Resource
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2005:049
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2005_36_sudo.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2005-215.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.securityfocus.com/archive/1/426078/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/12589
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/19381
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933
af854a3a-2127-422b-91ae-364da2661108	http://gaim.sourceforge.net/security/index.php?id=11
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110935655500670&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14322
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/523888	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:049
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2005_36_sudo.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-215.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/426078/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12589
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/19381
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212

Impacted products

Vendor	Product	Version
rob_flynn	gaim	1.0
rob_flynn	gaim	1.0.1
rob_flynn	gaim	1.1.1
rob_flynn	gaim	1.1.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0208."
    }
  ],
  "id": "CVE-2005-0473",
  "lastModified": "2024-11-20T23:55:13.017",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-03-14T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://gaim.sourceforge.net/security/index.php?id=11"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/14322"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/523888"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/12589"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://gaim.sourceforge.net/security/index.php?id=11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14322"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/523888"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/12589"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-03-26 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html
cve@mitre.org	http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt
cve@mitre.org	http://www.debian.org/security/2001/dsa-039
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2	Patch, Vendor Advisory
cve@mitre.org	http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-002.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/157650	Patch
cve@mitre.org	http://www.securityfocus.com/bid/2223	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5971
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html
af854a3a-2127-422b-91ae-364da2661108	http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2001/dsa-039
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-002.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/157650	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/2223	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5971

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_linux	6.0
mandrakesoft	mandrake_linux	6.1
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	6.0
redhat	linux	6.0
redhat	linux	6.0
redhat	linux	6.1
redhat	linux	6.1
redhat	linux	6.1
redhat	linux	6.2
redhat	linux	6.2
redhat	linux	6.2
trustix	secure_linux	1.1
trustix	secure_linux	1.2
turbolinux	turbolinux	*
turbolinux	turbolinux	6.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*",
              "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A94B142D-DA33-41BF-9398-C7ABB94C30DF",
              "versionEndIncluding": "6.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCEBB085-ECEE-4E18-951B-FC15C0646047",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib."
    }
  ],
  "id": "CVE-2001-0169",
  "lastModified": "2024-11-20T23:34:45.633",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-03-26T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2001/dsa-039"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/archive/1/157650"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2223"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2001/dsa-039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/archive/1/157650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-02-28 21:44

Modified

2024-11-21 00:42

Severity ?

Summary

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://scary.beasts.org/security/CESA-2008-001.html	Exploit
secalert@redhat.com	http://secunia.com/advisories/29101	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29103	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29112	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29135	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29147	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29154	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29169	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29196	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29314	URL Repurposed
secalert@redhat.com	http://secunia.com/advisories/29768	URL Repurposed
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370633	Mailing List
secalert@redhat.com	http://wiki.rpath.com/Advisories:rPSA-2008-0082	Broken Link
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1510	Patch
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml	Patch
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:055	Third Party Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2008-0155.html	URL Repurposed
secalert@redhat.com	http://www.securityfocus.com/archive/1/488932/100/0/threaded	Broken Link, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/archive/1/488946/100/0/threaded	Broken Link, VDB Entry
secalert@redhat.com	http://www.securityfocus.com/bid/28017	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securitytracker.com/id?1019511	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/usn-599-1	Third Party Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0693/references	Not Applicable
secalert@redhat.com	https://issues.rpath.com/browse/RPL-2217	Broken Link
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557	Broken Link
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://scary.beasts.org/security/CESA-2008-001.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29101	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29103	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29112	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29135	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29147	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29154	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29169	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29196	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29314	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29768	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370633	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/Advisories:rPSA-2008-0082	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1510	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:055	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0155.html	URL Repurposed
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/488932/100/0/threaded	Broken Link, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/488946/100/0/threaded	Broken Link, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28017	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019511	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-599-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0693/references	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-2217	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html	Release Notes, Third Party Advisory

Impacted products

Vendor	Product	Version
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007.0_x86_64
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrakesoft_corporate_server	3.0_x86_64
mandrakesoft	mandrakesoft_corporate_server	4.0_x86_64
redhat	desktop	3.0
redhat	desktop	4.0
redhat	enterprise_linux	5
redhat	enterprise_linux	as_3
redhat	enterprise_linux	as_4
redhat	enterprise_linux	es_3
redhat	enterprise_linux	es_4
redhat	enterprise_linux	ws_3
redhat	enterprise_linux	ws_4
redhat	enterprise_linux_desktop	5
redhat	enterprise_linux_desktop_workstation	5
rpath	rpath_linux	1
suse	novell_linux_pos	9
suse	open_suse	10.2
suse	open_suse	10.3
suse	suse_linux	9.0
suse	suse_linux	10
suse	suse_linux	10
suse	suse_linux	10.1
suse	suse_linux	10.1
suse	suse_linux	10.1
suse	suse_open_enterprise_server	0
ghostscript	ghostscript	*
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
ghostscript	ghostscript	0
ghostscript	ghostscript	8.0.1
ghostscript	ghostscript	8.15

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "EFB8DE9F-2130-49E9-85EE-6793ED9FBEED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.0_x86_64:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4784E4-24D1-4E22-B880-846F21F52F73",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7AD2F3-451D-4F37-A6F3-DE676804BBA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrakesoft_corporate_server:3.0_x86_64:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E8AA83A-C1D6-486F-A765-065E3BCAAC3F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrakesoft_corporate_server:4.0_x86_64:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD9BC765-C645-417C-A01C-AD37AE9DC81E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8CB34E-02FE-4F90-9642-B56D3B3ACEF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AB2579A-2BC9-4E16-9641-248222301660",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*",
              "matchCriteriaId": "5833A489-D6DE-4D51-9E74-189CBC2E28CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:as_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "421C0021-66EB-4F4C-9D79-6366A4702CC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:as_4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F23BD8DF-6E8E-4DF2-A700-8E050D967547",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:es_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0FE33D-756C-449F-B54C-8677C9AD002D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:es_4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF1F027-C9FF-4583-AB40-E0B757F9EE41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:ws_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EA8914F-DB6D-4C21-A727-8B94BE0424BF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:ws_4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18EBE6E-482D-435D-851C-73EC301F0A26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5:*:client:*:*:*:*:*",
              "matchCriteriaId": "AF3FB21C-AC0E-4F6C-B68A-9405E57ADCF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_workstation:5:*:client:*:*:*:*:*",
              "matchCriteriaId": "0E22A48D-9770-4BEC-BFA7-F9BD8C31AC44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:novell_linux_pos:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1197AF2-7BAE-4035-8C56-885CD12BDB6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:open_suse:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A876EFC5-50DC-4A6A-A9F2-24D8AC773E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:open_suse:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D71E02A6-5F83-46EC-88C1-687E6EB88F5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10:sp1:enterprise_desktop:*:*:*:*:*",
              "matchCriteriaId": "C4F119BA-1FCA-41DF-B834-62F14CA8816E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10:sp1:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "26B6132C-4FF0-4359-B0A6-BBA4ED73E1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "84B05DB5-3BF9-4576-970B-A1701FC369AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "F15CDDE2-BA9E-4B8D-8B01-21494360290E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "5B367EE1-EB53-4DC6-B154-FFA99060DA47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_open_enterprise_server:0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4B0E781-64D4-4C1B-A8DE-9EB9ECC7F0F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "838F2E76-9050-499F-AE47-5EF3AB7104A3",
              "versionEndIncluding": "8.61",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "EFB8DE9F-2130-49E9-85EE-6793ED9FBEED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E68242D-465A-443F-9D25-BE57F9080394",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9877DC36-5151-43C9-864D-BE7939A0304D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F9F0F0A-E413-42CC-B67D-434EC6A92543",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n zseticcspace de zicc.c en Ghostscript 8.61 y anteriores permite a atacantes remotos    ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo postscript (.ps) que contiene un array de Range (rango) largo en un operador .seticcspace."
    }
  ],
  "id": "CVE-2008-0411",
  "lastModified": "2024-11-21T00:42:01.810",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-02-28T21:44:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2008-001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29101"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29103"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29112"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29135"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29154"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29169"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29196"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29314"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29768"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.370633"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0082"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1510"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:055"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0155.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/488932/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/488946/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/28017"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1019511"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-599-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0693/references"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-2217"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://scary.beasts.org/security/CESA-2008-001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29103"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29135"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29196"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29314"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://secunia.com/advisories/29768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.370633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2008/dsa-1510"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "URL Repurposed"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0155.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/488932/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/archive/1/488946/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/28017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1019511"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/usn-599-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0693/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-2217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-10-20 04:00

Modified

2024-11-20 23:48

Severity ?

Summary

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/12488/	Patch, Vendor Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/11153	Patch, Vendor Advisory
cve@mitre.org	http://www.webmin.com/uchanges-1.089.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17299
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12488/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11153	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.webmin.com/uchanges-1.089.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17299

Impacted products

Vendor	Product	Version
usermin	usermin	1.000
usermin	usermin	1.010
usermin	usermin	1.020
usermin	usermin	1.030
usermin	usermin	1.040
usermin	usermin	1.051
usermin	usermin	1.060
usermin	usermin	1.070
usermin	usermin	1.080
webmin	webmin	1.0.00
webmin	webmin	1.0.20
webmin	webmin	1.0.50
webmin	webmin	1.0.60
webmin	webmin	1.0.70
webmin	webmin	1.0.80
webmin	webmin	1.0.90
webmin	webmin	1.1.00
webmin	webmin	1.1.10
webmin	webmin	1.1.21
webmin	webmin	1.1.30
webmin	webmin	1.1.40
webmin	webmin	1.1.50
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.000:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70274C3-7CA0-49A2-B63C-7DAF492CCD0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.010:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7C4A319-0EA6-47E0-831A-27530DCF714E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.020:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1009D90-9851-441B-A2E2-FA5B676E8182",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.030:*:*:*:*:*:*:*",
              "matchCriteriaId": "934A3D3F-CF10-478C-9206-DB468BCA4702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.040:*:*:*:*:*:*:*",
              "matchCriteriaId": "77B42570-F094-4C25-B246-6439D3FF4B30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A30BB5-2C3F-4C39-8CDC-CC0CC280384C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.060:*:*:*:*:*:*:*",
              "matchCriteriaId": "753BF8DE-D225-4301-A6A6-50CD60B34234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.070:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC37A972-11D7-4C85-A8DC-5EDE808629F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:usermin:usermin:1.080:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA7131C0-4FE1-4D69-9B21-8A9BFADE2A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.0.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4A574A-5B2A-4769-B932-E1736564160A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9425C1F-5E6A-489A-9A8B-9156E79FEAA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.0.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "C968FBE9-191A-40B1-9A69-BF24511E40B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.0.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "D89047FD-39F0-4614-B1EC-D13BAF57405E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.0.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CDF2120-F341-4C2E-88C1-A6C76626BFF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "01DFC15C-3513-4E94-B46D-94FEA0D627FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4E068D3-F6B5-4102-B9FA-949E2FAA33D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E6BD551-EC6A-4C77-B9E7-B9CF3DC21021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B0FE2D-02BC-4081-B172-64A74389C5F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "1615ACA2-32CC-48B7-AB5A-0BB0FDA7F190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5ABAE43-0EEF-44D5-AB36-44DA54290122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.1.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD33CE40-DFC9-4BDC-BF4F-9E0B268B8503",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:1.1.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "8608F5A2-B6FA-43C6-9862-43DBAF01EB1C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory."
    },
    {
      "lang": "es",
      "value": "El script maketemp.pl en Usermin 1.070 y 1.080 permite a usuarios locales sobreescribir ficheros de su elecci\u00f3n durante la instalaci\u00f3n mediante un ataque de enlaces simb\u00f3licos en el directorio /tmp/.usermin"
    }
  ],
  "id": "CVE-2004-0559",
  "lastModified": "2024-11-20T23:48:51.420",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12488/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11153"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.webmin.com/uchanges-1.089.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17299"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12488/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.webmin.com/uchanges-1.089.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17299"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2002-08-12 04:00

Modified

2024-11-20 23:39

Severity ?

Summary

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.

References

URL	Tags
cve@mitre.org	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523
cve@mitre.org	http://marc.info/?l=bugtraq&m=102795787713996&w=2
cve@mitre.org	http://online.securityfocus.com/advisories/4320
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2002-132.html	Patch, Vendor Advisory
cve@mitre.org	http://www.iss.net/security_center/static/9709.php
cve@mitre.org	http://www.kb.cert.org/vuls/id/405955	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php
cve@mitre.org	http://www.osvdb.org/5164
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-137.html
cve@mitre.org	http://www.securityfocus.com/bid/5344
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=102795787713996&w=2
af854a3a-2127-422b-91ae-364da2661108	http://online.securityfocus.com/advisories/4320
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2002-132.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/9709.php
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/405955	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/5164
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-137.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/5344

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_single_network_firewall	7.2
hp	secure_os	1.0
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux	8.1
mandrakesoft	mandrake_linux	8.1
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	6.0
redhat	linux	6.0
redhat	linux	6.0
redhat	linux	6.1
redhat	linux	6.1
redhat	linux	6.1
redhat	linux	6.2
redhat	linux	6.2
redhat	linux	6.2
redhat	linux	7.0
redhat	linux	7.0
redhat	linux	7.1
redhat	linux	7.1
redhat	linux	7.1
redhat	linux	7.2
redhat	linux	7.2
redhat	linux	7.2
redhat	linux	7.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
    },
    {
      "lang": "es",
      "value": "setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se modifica /etc/passwd, lo que puede permitir a usuarios locales ganar privilegios mediante una compleja condici\u00f3n de carrera que usa un descriptor de fichero abierto en utilidades como chfn y chsh."
    }
  ],
  "id": "CVE-2002-0638",
  "lastModified": "2024-11-20T23:39:31.580",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-08-12T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://online.securityfocus.com/advisories/4320"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.iss.net/security_center/static/9709.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/405955"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/5164"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/5344"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://online.securityfocus.com/advisories/4320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.iss.net/security_center/static/9709.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/405955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/5164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/5344"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-01-12 02:46

Modified

2024-11-21 00:39

Severity ?

Summary

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

References

URL	Tags
secalert@redhat.com	http://bugs.gentoo.org/show_bug.cgi?id=202628
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
secalert@redhat.com	http://lists.vmware.com/pipermail/security-announce/2008/000009.html
secalert@redhat.com	http://mail.gnome.org/archives/xml/2008-January/msg00036.html
secalert@redhat.com	http://secunia.com/advisories/28439	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28444	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28450	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28452	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28458	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28466	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28470	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28475	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28636	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28716	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/28740
secalert@redhat.com	http://secunia.com/advisories/29591
secalert@redhat.com	http://secunia.com/advisories/31074
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200801-20.xml
secalert@redhat.com	http://securitytracker.com/id?1019181
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1461
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:010
secalert@redhat.com	http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2008-0032.html	Patch
secalert@redhat.com	http://www.securityfocus.com/archive/1/486410/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/490306/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/27248
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0117
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/0144
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/1033/references
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/2094/references
secalert@redhat.com	http://www.xmlsoft.org/news.html
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=425927
secalert@redhat.com	https://issues.rpath.com/browse/RPL-2121
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216
secalert@redhat.com	https://usn.ubuntu.com/569-1/
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=202628
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2008/000009.html
af854a3a-2127-422b-91ae-364da2661108	http://mail.gnome.org/archives/xml/2008-January/msg00036.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28439	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28444	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28450	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28452	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28458	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28466	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28470	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28475	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28636	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28716	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28740
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29591
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31074
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-20.xml
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019181
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1461
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:010
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0032.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/486410/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490306/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27248
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0117
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0144
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1033/references
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2094/references
af854a3a-2127-422b-91ae-364da2661108	http://www.xmlsoft.org/news.html
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=425927
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-2121
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/569-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html

Impacted products

Vendor	Product	Version
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
redhat	fedora	7
redhat	fedora	8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "EFB8DE9F-2130-49E9-85EE-6793ED9FBEED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7AD2F3-451D-4F37-A6F3-DE676804BBA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE2027FA-357A-4BE3-9043-6DE8307C040A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E8256F-3FB6-45B2-8F03-02A61C10FAF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n xmlCurrentChar de libxml2, en versiones anteriores a la 2.6.31, permite que algunos atacantes, dependiendo del contexto, provoquen denegaci\u00f3n de servicio (por bucle infinito) usando un XML que contenga secuencias no v\u00e1lidas de UTF-8.\r\n\r\n"
    }
  ],
  "id": "CVE-2007-6284",
  "lastModified": "2024-11-21T00:39:46.433",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-01-12T02:46:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=202628"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000009.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://mail.gnome.org/archives/xml/2008-January/msg00036.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28439"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28444"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28450"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28452"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28458"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28466"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28470"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28475"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28636"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28716"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28740"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29591"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31074"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200801-20.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1019181"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1461"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0032.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/486410/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/490306/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/27248"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0117"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/0144"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1033/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/2094/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.xmlsoft.org/news.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2121"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/569-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=202628"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mail.gnome.org/archives/xml/2008-January/msg00036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28452"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28458"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28475"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200801-20.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019181"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/486410/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490306/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/27248"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1033/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2094/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.xmlsoft.org/news.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/569-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-21 05:00

Modified

2024-11-20 23:50

Severity ?

Summary

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html	Patch, Vendor Advisory
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1
cve@mitre.org	http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true	Patch, Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/539110	Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA05-136A.html	US Government Resource
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/539110	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA05-136A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175

Impacted products

Vendor	Product	Version
avaya	call_management_system_server	8.0
avaya	call_management_system_server	9.0
avaya	call_management_system_server	11.0
avaya	call_management_system_server	12.0
avaya	call_management_system_server	13.0
avaya	cvlan	*
avaya	integrated_management	*
avaya	interactive_response	*
avaya	interactive_response	1.2.1
avaya	interactive_response	1.3
avaya	intuity_audix_lx	*
f5	icontrol_service_manager	1.3
f5	icontrol_service_manager	1.3.4
f5	icontrol_service_manager	1.3.5
f5	icontrol_service_manager	1.3.6
libtiff	libtiff	3.4
libtiff	libtiff	3.5.1
libtiff	libtiff	3.5.2
libtiff	libtiff	3.5.3
libtiff	libtiff	3.5.4
libtiff	libtiff	3.5.5
libtiff	libtiff	3.5.7
libtiff	libtiff	3.6.0
libtiff	libtiff	3.6.1
libtiff	libtiff	3.7.0
sgi	propack	3.0
conectiva	linux	9.0
conectiva	linux	10.0
avaya	mn100	*
apple	mac_os_x	10.3
apple	mac_os_x	10.3.1
apple	mac_os_x	10.3.2
apple	mac_os_x	10.3.3
apple	mac_os_x	10.3.4
apple	mac_os_x	10.3.5
apple	mac_os_x	10.3.6
apple	mac_os_x	10.3.7
apple	mac_os_x	10.3.8
apple	mac_os_x	10.3.9
apple	mac_os_x_server	10.3
apple	mac_os_x_server	10.3.1
apple	mac_os_x_server	10.3.2
apple	mac_os_x_server	10.3.3
apple	mac_os_x_server	10.3.4
apple	mac_os_x_server	10.3.5
apple	mac_os_x_server	10.3.6
apple	mac_os_x_server	10.3.7
apple	mac_os_x_server	10.3.8
apple	mac_os_x_server	10.3.9
avaya	modular_messaging_message_storage_server	1.1
avaya	modular_messaging_message_storage_server	2.0
gentoo	linux	*
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
sco	unixware	7.1.4
sun	solaris	7.0
sun	solaris	8.0
sun	solaris	9.0
sun	solaris	9.0
sun	solaris	9.0
sun	solaris	10.0
sun	solaris	10.0
sun	sunos	5.7
sun	sunos	5.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:call_management_system_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "618B807E-29B5-4CD0-BBA2-E20E45AC192D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:call_management_system_server:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E9C378A-2151-45D1-A7EC-1F27E794D878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:call_management_system_server:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "18D3AF16-3591-44FB-B3F8-E92DAA8FA936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:call_management_system_server:12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FF4D54-3E14-42CA-9FC6-2534B3F00903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:call_management_system_server:13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53D3C3D9-D54C-4D6C-9D82-7653445680C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:cvlan:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FE82341-3E73-4F5B-BD9E-06C83F22E831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D12D6986-429E-4152-A6E5-4CC1FB9556D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:interactive_response:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EE68944-C31D-4B49-BC8F-07944E0E82AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:interactive_response:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3427704B-08E7-4B33-B4F0-071EFA4FAE9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:interactive_response:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70755CC-4FF4-4E0E-9CFC-71F50FCC854E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D21889-2F4E-460B-AA92-4E910B7CBBDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A7379DC-AF87-436C-9942-8CC5CF781918",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A2B0D82-C75B-43EB-9DD1-4270B8BE52A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "06819549-ECD7-4568-BB15-C0A226A65F91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "72EA2403-F428-407E-B32E-C8D5792B4DB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABEEBA7B-81D5-4148-912B-9AD448BBE741",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D073442B-D7E7-4E07-AF2D-E22FE65B09A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E25F5CF2-F891-41CA-A40C-13966F72FDF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7417958C-5321-41D6-9D1A-D16BF5511E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "059218D3-A3AD-4A10-9AA4-FBB689321D90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
              "matchCriteriaId": "3F305CBD-4329-44DE-A85C-DE9FF371425E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*",
              "matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow."
    }
  ],
  "id": "CVE-2004-1307",
  "lastModified": "2024-11-20T23:50:33.657",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-21T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/539110"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/539110"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "This issue was resolved in all affected libtiff versions as shipped with Red Hat Enterprise Linux 2.1, 3, and 4 via a patch for CVE-2004-0886.  For updates containing patches for CVE-2004-0886, see: https://rhn.redhat.com/errata/CVE-2004-0886.html",
      "lastModified": "2008-08-12T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2003-07-24 04:00

Modified

2024-11-20 23:44

Severity ?

Summary

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

References

URL	Tags
cve@mitre.org	http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=105777963019186&w=2
cve@mitre.org	http://secunia.com/advisories/9037
cve@mitre.org	http://secunia.com/advisories/9038
cve@mitre.org	http://www.kb.cert.org/vuls/id/200132	US Government Resource
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2003:071
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-196.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2003-197.html	Patch, Vendor Advisory
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=105777963019186&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/9037
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/9038
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/200132	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2003:071
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-196.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2003-197.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664

Impacted products

Vendor	Product	Version
adobe	acrobat	5.0.6
xpdf	xpdf	1.1
mandrakesoft	mandrake_linux	9.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	linux	7.1
redhat	linux	7.2
redhat	linux	7.3
redhat	linux	8.0
redhat	linux	9.0
redhat	linux_advanced_workstation	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B453FA1D-0FE9-4324-9644-E167561926C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink."
    },
    {
      "lang": "es",
      "value": "Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecuci\u00f3n arbitraria de comandos mediante metacaracteres de shell en un hiperv\u00ednculo embebido."
    }
  ],
  "id": "CVE-2003-0434",
  "lastModified": "2024-11-20T23:44:43.847",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-07-24T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/9037"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/9038"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/200132"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/9037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/9038"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/200132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-07-26 04:00

Modified

2024-11-20 23:59

Severity ?

Summary

nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.

References

URL	Tags
cve@mitre.org	http://qa.mandriva.com/show_bug.cgi?id=13271
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:121	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/40501
af854a3a-2127-422b-91ae-364da2661108	http://qa.mandriva.com/show_bug.cgi?id=13271
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:121	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/40501

Impacted products

	Vendor	Product	Version
	mandrakesoft	mandrake_linux	10.0
	mandrakesoft	mandrake_linux_corporate_server	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E842CFC9-6A9E-4DDA-9E54-7AF926772B0E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable.  NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE."
    },
    {
      "lang": "es",
      "value": "nss_ldap 181 hasta la versi\u00f3n 213, usado en Madrake Corporate Server y Mandarke 10.0 y otros sistemas operativos no maneja adecuadamente la se\u00f1al SIGPIPE cuando env\u00eda una petici\u00f3n a un servidor de directorios LDAP, lo que podr\u00eda permitir que atacantes remotos causen una denegaci\u00f3n de servicio (ca\u00edda de crond y otras aplicaciones)."
    }
  ],
  "id": "CVE-2005-2377",
  "lastModified": "2024-11-20T23:59:24.933",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-07-26T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://qa.mandriva.com/show_bug.cgi?id=13271"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:121"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://qa.mandriva.com/show_bug.cgi?id=13271"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40501"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-06-27 04:00

Modified

2024-11-20 23:35

Severity ?

Summary

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html	Patch, Vendor Advisory
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000383
cve@mitre.org	http://marc.info/?l=bugtraq&m=98471253131191&w=2
cve@mitre.org	http://www.debian.org/security/2001/dsa-040	Patch, Vendor Advisory
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-028.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/2493
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/6213
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000383
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=98471253131191&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2001/dsa-040	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-028.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/2493
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/6213

Impacted products

Vendor	Product	Version
debian	debian_linux	*
mandrakesoft	mandrake_linux	6.0
mandrakesoft	mandrake_linux	6.1
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	6.2
redhat	linux	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2424DDDB-8C74-42F8-B131-791AD8CEFF63",
              "versionEndIncluding": "2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header."
    }
  ],
  "id": "CVE-2001-0441",
  "lastModified": "2024-11-20T23:35:22.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-06-27T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2001/dsa-040"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/2493"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2001/dsa-040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/2493"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:02

Severity ?

Summary

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

References

URL	Tags
secalert@redhat.com	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
secalert@redhat.com	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	Patch
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2006-0177.html	Patch, Vendor Advisory
secalert@redhat.com	http://scary.beasts.org/security/CESA-2005-003.txt	Exploit, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18147
secalert@redhat.com	http://secunia.com/advisories/18303	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18312	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18313	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18329	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18332	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18334
secalert@redhat.com	http://secunia.com/advisories/18338	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18349	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18373
secalert@redhat.com	http://secunia.com/advisories/18375	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18380
secalert@redhat.com	http://secunia.com/advisories/18385	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18387	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18389	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18398	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18407	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18414
secalert@redhat.com	http://secunia.com/advisories/18416	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18423	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18425
secalert@redhat.com	http://secunia.com/advisories/18428
secalert@redhat.com	http://secunia.com/advisories/18436
secalert@redhat.com	http://secunia.com/advisories/18448	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18463
secalert@redhat.com	http://secunia.com/advisories/18517	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18534	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18554	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18582	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18642	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18644	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18674	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18675	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18679	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/18908
secalert@redhat.com	http://secunia.com/advisories/18913	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/19230
secalert@redhat.com	http://secunia.com/advisories/19377
secalert@redhat.com	http://secunia.com/advisories/25729
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
secalert@redhat.com	http://www.debian.org/security/2005/dsa-931
secalert@redhat.com	http://www.debian.org/security/2005/dsa-932
secalert@redhat.com	http://www.debian.org/security/2005/dsa-937
secalert@redhat.com	http://www.debian.org/security/2005/dsa-938
secalert@redhat.com	http://www.debian.org/security/2005/dsa-940
secalert@redhat.com	http://www.debian.org/security/2006/dsa-936	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-950	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-961	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-962	Patch, Vendor Advisory
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	Patch, Vendor Advisory
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml	Patch, Vendor Advisory
secalert@redhat.com	http://www.kde.org/info/security/advisory-20051207-2.txt	Patch, Vendor Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
secalert@redhat.com	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0160.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0163.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/427053/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/427990/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/16143	Patch
secalert@redhat.com	http://www.trustix.org/errata/2006/0002/
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/0047
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/2280
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/24022
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437
secalert@redhat.com	https://usn.ubuntu.com/236-1/
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U
af854a3a-2127-422b-91ae-364da2661108	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2006-0177.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://scary.beasts.org/security/CESA-2005-003.txt	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18147
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18303	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18312	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18313	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18329	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18332	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18334
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18338	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18349	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18373
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18375	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18380
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18385	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18387	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18389	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18398	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18407	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18414
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18416	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18423	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18425
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18428
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18436
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18448	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18463
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18517	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18534	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18554	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18582	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18642	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18644	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18674	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18675	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18679	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18908
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18913	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19230
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19377
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25729
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-931
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-932
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-937
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-938
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-940
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-936	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-950	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-961	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-962	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kde.org/info/security/advisory-20051207-2.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0160.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0163.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/427053/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/427990/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16143	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2006/0002/
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0047
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2280
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24022
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/236-1/

Impacted products

Vendor	Product	Version
easy_software_products	cups	1.1.22
easy_software_products	cups	1.1.22_rc1
easy_software_products	cups	1.1.23
easy_software_products	cups	1.1.23_rc1
kde	kdegraphics	3.2
kde	kdegraphics	3.4.3
kde	koffice	1.4
kde	koffice	1.4.1
kde	koffice	1.4.2
kde	kpdf	3.2
kde	kpdf	3.4.3
kde	kword	1.4.2
libextractor	libextractor	*
poppler	poppler	0.4.2
sgi	propack	3.0
tetex	tetex	1.0.7
tetex	tetex	2.0
tetex	tetex	2.0.1
tetex	tetex	2.0.2
tetex	tetex	3.0
xpdf	xpdf	3.0
conectiva	linux	10.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
gentoo	linux	*
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux	10.2
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	fedora_core	core_4.0
redhat	linux	7.3
redhat	linux	9.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
sco	openserver	5.0.7
sco	openserver	6.0
slackware	slackware_linux	9.0
slackware	slackware_linux	9.1
slackware	slackware_linux	10.0
slackware	slackware_linux	10.1
slackware	slackware_linux	10.2
suse	suse_linux	1.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.2
suse	suse_linux	9.2
suse	suse_linux	9.2
suse	suse_linux	9.3
suse	suse_linux	9.3
suse	suse_linux	9.3
suse	suse_linux	10.0
suse	suse_linux	10.0
trustix	secure_linux	2.0
trustix	secure_linux	2.2
trustix	secure_linux	3.0
turbolinux	turbolinux	10
turbolinux	turbolinux	fuji
turbolinux	turbolinux_appliance_server	1.0_hosting_edition
turbolinux	turbolinux_appliance_server	1.0_workgroup_edition
turbolinux	turbolinux_desktop	10.0
turbolinux	turbolinux_home	*
turbolinux	turbolinux_multimedia	*
turbolinux	turbolinux_personal	*
turbolinux	turbolinux_server	8.0
turbolinux	turbolinux_server	10.0
turbolinux	turbolinux_server	10.0_x86
turbolinux	turbolinux_workstation	8.0
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.04
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
              "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
              "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
              "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
              "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
              "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
              "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
              "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
              "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
              "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
    }
  ],
  "id": "CVE-2005-3624",
  "lastModified": "2024-11-21T00:02:16.720",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/236-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18313"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18349"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18375"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18385"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18407"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18425"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18448"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18674"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18908"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18913"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19230"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-938"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-961"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2006/dsa-962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2006/0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/236-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-04-06 01:19

Modified

2024-11-21 00:28

Severity ?

Summary

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

References

URL	Tags
secalert@redhat.com	http://issues.foresightlinux.org/browse/FL-223
secalert@redhat.com	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502
secalert@redhat.com	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
secalert@redhat.com	http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2007-0125.html
secalert@redhat.com	http://secunia.com/advisories/24741	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24745
secalert@redhat.com	http://secunia.com/advisories/24756	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24758
secalert@redhat.com	http://secunia.com/advisories/24765
secalert@redhat.com	http://secunia.com/advisories/24770	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24771
secalert@redhat.com	http://secunia.com/advisories/24772
secalert@redhat.com	http://secunia.com/advisories/24791
secalert@redhat.com	http://secunia.com/advisories/25004
secalert@redhat.com	http://secunia.com/advisories/25006
secalert@redhat.com	http://secunia.com/advisories/25195
secalert@redhat.com	http://secunia.com/advisories/25216
secalert@redhat.com	http://secunia.com/advisories/25305
secalert@redhat.com	http://secunia.com/advisories/33937
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200705-10.xml
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
secalert@redhat.com	http://support.apple.com/kb/HT3438
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1294
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_27_x.html
secalert@redhat.com	http://www.openbsd.org/errata39.html#021_xorg
secalert@redhat.com	http://www.openbsd.org/errata40.html#011_xorg
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0126.html	Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0132.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/464686/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/464816/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/23283
secalert@redhat.com	http://www.securityfocus.com/bid/23300
secalert@redhat.com	http://www.securitytracker.com/id?1017857
secalert@redhat.com	http://www.ubuntu.com/usn/usn-448-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1217
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1548
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/33419
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1213
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243
af854a3a-2127-422b-91ae-364da2661108	http://issues.foresightlinux.org/browse/FL-223
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2007-0125.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24741	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24745
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24756	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24758
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24765
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24770	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24771
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24772
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24791
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25004
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25006
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25195
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25216
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25305
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33937
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200705-10.xml
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3438
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1294
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_27_x.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openbsd.org/errata39.html#021_xorg
af854a3a-2127-422b-91ae-364da2661108	http://www.openbsd.org/errata40.html#011_xorg
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0126.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0132.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/464686/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/464816/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23283
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23300
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017857
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-448-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1217
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1548
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/33419
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1213
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_multi_network_firewall	2.0
x.org	libxfont	1.2.2
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	enterprise_linux_desktop	5.0
redhat	enterprise_linux_desktop	5.0
redhat	fedora_core	core_1.0
redhat	linux	9.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
slackware	slackware_linux	9.0
slackware	slackware_linux	9.1
slackware	slackware_linux	current
turbolinux	turbolinux_desktop	10.0
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
rpath	linux	1
openbsd	openbsd	3.9
openbsd	openbsd	4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFADBA5A-8168-40B8-B5CA-0F1F7F9193D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*",
              "matchCriteriaId": "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client_workstation:*:*:*:*:*",
              "matchCriteriaId": "50988CF6-07E5-44BA-81C2-C33DD8E7151B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia32:*:*:*:*:*",
              "matchCriteriaId": "49F400D5-4CA7-4F7D-818B-DEBF58DEB113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "EF15862D-6108-4791-8817-622123C8D10C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
              "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en la funci\u00f3n FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante una primera l\u00ednea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de mont\u00f3n."
    }
  ],
  "evaluatorSolution": "The vendor has addressed this vulnerability in the following product update: http://xorg.freedesktop.org/archive/X11R7.2/patches/",
  "id": "CVE-2007-1352",
  "lastModified": "2024-11-21T00:28:05.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:M/Au:S/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 4.4,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-04-06T01:19:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://issues.foresightlinux.org/browse/FL-223"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24741"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24745"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24756"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24758"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24765"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24770"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24771"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24772"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24791"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25195"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25216"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25305"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/33937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT3438"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1294"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openbsd.org/errata39.html#021_xorg"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openbsd.org/errata40.html#011_xorg"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/23283"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/23300"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1017857"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-448-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1217"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1548"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1213"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://issues.foresightlinux.org/browse/FL-223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24745"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25195"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openbsd.org/errata39.html#021_xorg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openbsd.org/errata40.html#011_xorg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-448-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-09-18 19:17

Modified

2024-11-21 00:34

Severity ?

Summary

Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.

References

URL	Tags
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc
secalert@redhat.com	http://bugs.gentoo.org/show_bug.cgi?id=192472
secalert@redhat.com	http://dist.trolltech.com/developer/download/175791_3.diff
secalert@redhat.com	http://dist.trolltech.com/developer/download/175791_4.diff
secalert@redhat.com	http://fedoranews.org/updates/FEDORA-2007-221.shtml
secalert@redhat.com	http://fedoranews.org/updates/FEDORA-2007-703.shtml
secalert@redhat.com	http://osvdb.org/39384
secalert@redhat.com	http://secunia.com/advisories/26778	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/26782	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/26804
secalert@redhat.com	http://secunia.com/advisories/26811	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/26857
secalert@redhat.com	http://secunia.com/advisories/26868
secalert@redhat.com	http://secunia.com/advisories/26882
secalert@redhat.com	http://secunia.com/advisories/26987
secalert@redhat.com	http://secunia.com/advisories/27053
secalert@redhat.com	http://secunia.com/advisories/27275
secalert@redhat.com	http://secunia.com/advisories/27382
secalert@redhat.com	http://secunia.com/advisories/27996
secalert@redhat.com	http://secunia.com/advisories/28021
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200710-28.xml
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200712-08.xml
secalert@redhat.com	http://securitytracker.com/id?1018688
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm
secalert@redhat.com	http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1426
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:183
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_19_sr.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0883.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/481498/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/25657
secalert@redhat.com	http://www.ubuntu.com/usn/usn-513-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/3144
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=269001
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1751
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc
af854a3a-2127-422b-91ae-364da2661108	http://bugs.gentoo.org/show_bug.cgi?id=192472
af854a3a-2127-422b-91ae-364da2661108	http://dist.trolltech.com/developer/download/175791_3.diff
af854a3a-2127-422b-91ae-364da2661108	http://dist.trolltech.com/developer/download/175791_4.diff
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/updates/FEDORA-2007-221.shtml
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/updates/FEDORA-2007-703.shtml
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/39384
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26778	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26782	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26804
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26811	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26857
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26868
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26882
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26987
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27053
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27275
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27382
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27996
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28021
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200710-28.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200712-08.xml
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018688
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm
af854a3a-2127-422b-91ae-364da2661108	http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1426
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:183
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_19_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0883.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/481498/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25657
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-513-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3144
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=269001
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1751
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159

Impacted products

Vendor	Product	Version
conectiva	linux	9.0
conectiva	linux	10.0
gentoo	linux	*
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	5.0
redhat	linux	2.1
redhat	linux	3.0
redhat	linux	4.0
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	7.04
ubuntu	ubuntu_linux	7.04
ubuntu	ubuntu_linux	7.04
ubuntu	ubuntu_linux	7.04
trolltech	qt	3.0
trolltech	qt	3.0.3
trolltech	qt	3.0.5
trolltech	qt	3.1
trolltech	qt	3.1.1
trolltech	qt	3.1.2
trolltech	qt	3.2.1
trolltech	qt	3.2.3
trolltech	qt	3.3.0
trolltech	qt	3.3.1
trolltech	qt	3.3.2
trolltech	qt	3.3.3
trolltech	qt	3.3.4
trolltech	qt	3.3.5
trolltech	qt	3.3.6
trolltech	qt	3.3.7
trolltech	qt	3.3.8
trolltech	qt	4.1
trolltech	qt	4.1.4
trolltech	qt	4.1.5
trolltech	qt	4.2
trolltech	qt	4.2.1
trolltech	qt	4.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*",
              "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*",
              "matchCriteriaId": "C4B5DD1C-BFF6-4247-B684-A7C3D8F60745",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*",
              "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*",
              "matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*",
              "matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*",
              "matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*",
              "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*",
              "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*",
              "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*",
              "matchCriteriaId": "3AA8F2EC-55E9-4529-A816-B5D495605F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client_workstation:*:*:*:*:*",
              "matchCriteriaId": "28FBE982-794E-4C22-B5EE-F48269282C32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:2.1:*:aw_itanium:*:*:*:*:*",
              "matchCriteriaId": "6B34B4FF-A596-4B1E-8DA7-40B3498147EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBBA00E3-1147-4E6F-BE93-92494285F88F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
              "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "7BD79C43-2615-47DE-A100-D21482D866F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386:*:*:*:*:*",
              "matchCriteriaId": "1856594D-7D84-4830-A8A7-2C9D4C2D61FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "0B20DDF0-2FAB-4EB0-B62D-2351514B2808",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "B7748895-CE00-4BB8-BFCD-A5559BA15869",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB2B261-F31A-4EDF-89D5-1648E7698559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E995A0F0-E1BB-441D-B145-1FB0AF4330DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B868D0-B166-455D-A96F-8530853D83EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F354E5EE-0B83-4960-98DF-9DBBB504C1C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B546D37F-7115-4CA4-8A63-BFCC0B9E1E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA756A7-DE14-40F4-87F6-B3374E88B21A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD3DFD7-307F-4110-A412-D1C56836DF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6D18E6C-5202-4406-AEC8-6477CDA7AE67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A881DD8-9B96-4581-B39B-7721CBCD5F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C314FF87-F182-4ABF-93D4-748EEF47C5FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63829009-5782-4671-8678-2F090CA5520A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AA116DA-DA3F-415C-88A7-3E65EAA2089C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9734F0E-6CB9-4C8C-B2D0-21ABA6A22D58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B28B5A5-98EF-4710-B8B5-D348692046BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1539C15-BF9A-43B5-8D29-A3F2C87F92A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9E9281D-0DB4-491C-AD2B-E7CA77FC7E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:3.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB7CA86-30F5-48B0-AB47-C4871E16DA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00ED4154-E5B7-49F5-B97F-2B02C82D6B0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC87D43-8E5E-4AD7-8228-345C042EC98F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1461D39A-7705-4932-ABA9-4A2869E692F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E47B11C-9098-4F39-8BF3-46C95CE63B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F001C9-E388-437A-8F72-1C1C4D54FB7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:trolltech:qt:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C558DAB-23BD-4076-B839-36B269B97650",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow.  NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable."
    },
    {
      "lang": "es",
      "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una cadena Unicode manipulada que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo. NOTA: Qt 4 tiene el mismo error en la funci\u00f3n QUtf8Codec::convertToUnicode, pero no es explotable."
    }
  ],
  "id": "CVE-2007-4137",
  "lastModified": "2024-11-21T00:34:52.217",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-09-18T19:17:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://dist.trolltech.com/developer/download/175791_3.diff"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://dist.trolltech.com/developer/download/175791_4.diff"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/39384"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26778"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26782"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26804"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26811"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26857"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26868"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26882"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26987"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27053"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27275"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27382"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27996"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28021"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1018688"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1426"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/25657"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-513-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/3144"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1751"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dist.trolltech.com/developer/download/175791_3.diff"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dist.trolltech.com/developer/download/175791_4.diff"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/39384"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26782"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26804"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26987"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27053"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27996"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018688"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1426"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25657"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-513-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-03-12 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=97916374410647&w=2
cve@mitre.org	http://www.debian.org/security/2001/dsa-016
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3
cve@mitre.org	http://www.securityfocus.com/bid/2189	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5915
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=97916374410647&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2001/dsa-016
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/2189	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5915

Impacted products

Vendor	Product	Version
immunix	immunix	7.0_beta
debian	debian_linux	2.2
debian	debian_linux	2.2
debian	debian_linux	2.2
debian	debian_linux	2.2
debian	debian_linux	2.2
debian	debian_linux	2.2
mandrakesoft	mandrake_linux	6.0
mandrakesoft	mandrake_linux	6.1
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*",
              "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*",
              "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack."
    }
  ],
  "id": "CVE-2001-0138",
  "lastModified": "2024-11-20T23:34:41.553",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.2,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-03-12T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2001/dsa-016"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2189"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2001/dsa-016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-02-06 02:28

Modified

2024-11-21 00:25

Severity ?

Summary

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

References

URL	Tags
secalert@redhat.com	http://osvdb.org/33101
secalert@redhat.com	http://secunia.com/advisories/24021	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24046	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24060	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24067	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24101	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24145	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24151	Vendor Advisory
secalert@redhat.com	http://securitytracker.com/id?1017588
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
secalert@redhat.com	http://us1.samba.org/samba/security/CVE-2007-0454.html
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1257
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml
secalert@redhat.com	http://www.kb.cert.org/vuls/id/649732	US Government Resource
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:034
secalert@redhat.com	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/459179/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/459365/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/22403	Patch
secalert@redhat.com	http://www.trustix.org/errata/2007/0007
secalert@redhat.com	http://www.ubuntu.com/usn/usn-419-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/0483	Vendor Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/32304
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1005
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/33101
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24021	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24046	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24060	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24067	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24101	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24145	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24151	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017588
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916
af854a3a-2127-422b-91ae-364da2661108	http://us1.samba.org/samba/security/CVE-2007-0454.html
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1257
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/649732	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:034
af854a3a-2127-422b-91ae-364da2661108	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/459179/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/459365/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22403	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2007/0007
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-419-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0483	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/32304
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1005

Impacted products

Vendor	Product	Version
samba	samba	3.0.6
samba	samba	3.0.7
samba	samba	3.0.8
samba	samba	3.0.9
samba	samba	3.0.10
samba	samba	3.0.11
samba	samba	3.0.12
samba	samba	3.0.13
samba	samba	3.0.14
samba	samba	3.0.14a
samba	samba	3.0.20
samba	samba	3.0.20a
samba	samba	3.0.20b
samba	samba	3.0.21
samba	samba	3.0.21a
samba	samba	3.0.21b
samba	samba	3.0.21c
samba	samba	3.0.22
samba	samba	3.0.23d
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
debian	debian_linux	3.1
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux	2006
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linuxsoft_2007	*
mandrakesoft	mandrake_linuxsoft_2007	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D40F682-9F2E-465F-98F7-23E1036C74A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9478CC84-802F-4960-ACAB-3700154E813F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3806-E33A-49A6-99A4-095B4E543C43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA7D08FB-30B9-4E42-B831-21A0C095062C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E6C8A4-FA17-44EF-A447-C73108540B59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D5EA00-CC2E-4E56-8297-A3C1CEDBBE06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "50E05AD3-C7F0-421D-8C9B-604E553332E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A53517C-F12D-4D74-A722-5AE23598CEC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF4A0A7-E176-4009-BAA2-E23B330D91A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.14a:*:*:*:*:*:*:*",
              "matchCriteriaId": "42EB6115-CC45-4464-8400-D7E3A9402803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "F002F105-A911-4E56-8630-C287DC527E05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1936E19-9887-4E53-AA0C-738ABD4B97EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.20b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2206C09-6A4B-4EC4-A206-E48EDF966913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B918306-8743-404D-A035-CC3997ADCC3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21a:*:*:*:*:*:*:*",
              "matchCriteriaId": "43684906-D3AA-40FB-A75D-ED65C1DC9BB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21b:*:*:*:*:*:*:*",
              "matchCriteriaId": "62E39538-4811-49DB-97CF-1F018C58BAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.21c:*:*:*:*:*:*:*",
              "matchCriteriaId": "C85D69FE-AF43-4B0E-A7A9-2D2C16426180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "86347948-C08F-4F02-89A0-4F4A55CD4BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*",
              "matchCriteriaId": "54FE8D2E-AF0D-4C84-A5BC-2CE6759B534C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
              "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
              "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "07EC6C5A-33C9-456A-A8C9-0DF67C76041E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linuxsoft_2007:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7F55B87-1876-4855-9F62-9D6E2D295588",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linuxsoft_2007:*:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "2A0D5740-DD4E-408C-B70F-FD1E7626E1DB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de cadena de formato en el m\u00f3dulo VFS afsacl.so en Samba versi\u00f3n 3.0.6 hasta 3.0.23d permite a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de especificadores de cadena de formato en un nombre de archivo sobre un sistema de archivos AFS, que no se maneja apropiadamente durante la asignaci\u00f3n ACL de Windows."
    }
  ],
  "id": "CVE-2007-0454",
  "lastModified": "2024-11-21T00:25:54.330",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-02-06T02:28:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/33101"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24021"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24046"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24060"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24067"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24101"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24145"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24151"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1017588"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.476916"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://us1.samba.org/samba/security/CVE-2007-0454.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1257"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/649732"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:034"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/459179/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/22403"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2007/0007"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-419-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0483"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32304"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/33101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.476916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://us1.samba.org/samba/security/CVE-2007-0454.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/649732"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/459179/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/22403"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2007/0007"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-419-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/0483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1005"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Not vulnerable. These issues affect the AFS ACL module which is not distributed with Samba in Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
      "lastModified": "2007-05-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-134"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2002-03-15 05:00

Modified

2024-11-20 23:38

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

References

URL	Tags
cve@mitre.org	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc	Broken Link
cve@mitre.org	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc	Broken Link
cve@mitre.org	ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt	Broken Link
cve@mitre.org	ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt	Broken Link
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html	Broken Link
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html	Broken Link
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467	Broken Link
cve@mitre.org	http://marc.info/?l=bugtraq&m=101552065005254&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=101553908201861&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=101561384821761&w=2	Mailing List
cve@mitre.org	http://marc.info/?l=bugtraq&m=101586991827622&w=2	Mailing List, Patch
cve@mitre.org	http://online.securityfocus.com/advisories/3960	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://online.securityfocus.com/archive/1/264657	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt	Broken Link
cve@mitre.org	http://www.debian.org/security/2002/dsa-119	Broken Link, Vendor Advisory
cve@mitre.org	http://www.iss.net/security_center/static/8383.php	Broken Link
cve@mitre.org	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php	Broken Link
cve@mitre.org	http://www.linuxsecurity.com/advisories/other_advisory-1937.html	Broken Link, Patch, Vendor Advisory
cve@mitre.org	http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html	Broken Link
cve@mitre.org	http://www.openbsd.org/advisories/ssh_channelalloc.txt	Vendor Advisory
cve@mitre.org	http://www.osvdb.org/730	Broken Link
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2002-043.html	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/4241	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc	Broken Link
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc	Broken Link
af854a3a-2127-422b-91ae-364da2661108	ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt	Broken Link
af854a3a-2127-422b-91ae-364da2661108	ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101552065005254&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101553908201861&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101561384821761&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=101586991827622&w=2	Mailing List, Patch
af854a3a-2127-422b-91ae-364da2661108	http://online.securityfocus.com/advisories/3960	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://online.securityfocus.com/archive/1/264657	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2002/dsa-119	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/8383.php	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.linuxsecurity.com/advisories/other_advisory-1937.html	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.openbsd.org/advisories/ssh_channelalloc.txt	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/730	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2002-043.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4241	Broken Link, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
immunix	immunix	7.0
mandrakesoft	mandrake_single_network_firewall	7.2
openbsd	openssh	*
openpkg	openpkg	1.0
conectiva	linux	5.0
conectiva	linux	5.1
conectiva	linux	6.0
conectiva	linux	7.0
conectiva	linux	ecommerce
conectiva	linux	graficas
engardelinux	secure_linux	1.0.1
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux	8.1
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	7.0
redhat	linux	7.1
redhat	linux	7.2
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.2
suse	suse_linux	7.3
suse	suse_linux	7.3
suse	suse_linux	7.3
trustix	secure_linux	1.1
trustix	secure_linux	1.2
trustix	secure_linux	1.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BE3D9D-42CA-45A4-A2BB-A7154F177A45",
              "versionEndExcluding": "3.1",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openpkg:openpkg:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AD28A07-6B9F-443B-88E5-7CE777012037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "97177EF7-8FC4-4D4D-A8D9-3628AA0035FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB63DADC-A9AE-4FBA-BCCA-9714646DBD04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*",
              "matchCriteriaId": "99E6E71D-100E-45FA-B90A-C2F7C37E458C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
              "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
              "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges."
    },
    {
      "lang": "es",
      "value": "Error \u0027off-by-one\u0027 en el c\u00f3digo de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios."
    }
  ],
  "id": "CVE-2002-0083",
  "lastModified": "2024-11-20T23:38:16.160",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2002-03-15T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://online.securityfocus.com/advisories/3960"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://online.securityfocus.com/archive/1/264657"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2002/dsa-119"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.iss.net/security_center/static/8383.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/730"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/4241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://online.securityfocus.com/advisories/3960"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://online.securityfocus.com/archive/1/264657"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2002/dsa-119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.iss.net/security_center/static/8383.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/4241"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-193"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-03-26 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

References

URL	Tags
cve@mitre.org	http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt	Patch, Vendor Advisory
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2	Patch, Vendor Advisory
cve@mitre.org	http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5995
af854a3a-2127-422b-91ae-364da2661108	http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5995

Impacted products

Vendor	Product	Version
conectiva	linux	6.0
caldera	openlinux_edesktop	2.4
mandrakesoft	mandrake_linux	6.1
mandrakesoft	mandrake_linux	7.0
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux_corporate_server	1.0.1
suse	suse_linux	6.0
suse	suse_linux	6.1
suse	suse_linux	6.2
suse	suse_linux	6.3
suse	suse_linux	6.4
suse	suse_linux	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges."
    }
  ],
  "id": "CVE-2001-0178",
  "lastModified": "2024-11-20T23:34:47.000",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-03-26T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5995"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5995"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-04-14 04:00

Modified

2024-11-20 23:54

Severity ?

Summary

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/13828
cve@mitre.org	http://secunia.com/advisories/13890
cve@mitre.org	http://secunia.com/advisories/13898
cve@mitre.org	http://securitytracker.com/id?1012957
cve@mitre.org	http://www.debian.org/security/2005/dsa-641	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:010
cve@mitre.org	http://www.osvdb.org/13049
cve@mitre.org	http://www.securityfocus.com/bid/12274
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18933
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/13828
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/13890
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/13898
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1012957
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-641	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:010
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/13049
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12274
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18933

Impacted products

Vendor	Product	Version
playmidi	playmidi	2.3.1
playmidi	playmidi	2.3.2
playmidi	playmidi	2.3.3
playmidi	playmidi	2.3.4
playmidi	playmidi	2.3.5
playmidi	playmidi	2.3.6
playmidi	playmidi	2.3.7
playmidi	playmidi	2.3.8
playmidi	playmidi	2.3.9
playmidi	playmidi	2.3.10
playmidi	playmidi	2.3.11
playmidi	playmidi	2.3.12
playmidi	playmidi	2.3.13
playmidi	playmidi	2.3.14
playmidi	playmidi	2.3.15
playmidi	playmidi	2.3.16
playmidi	playmidi	2.3.17
playmidi	playmidi	2.3.18
playmidi	playmidi	2.3.19
playmidi	playmidi	2.3.20
playmidi	playmidi	2.3.21
playmidi	playmidi	2.3.22
playmidi	playmidi	2.3.23
playmidi	playmidi	2.3.24
playmidi	playmidi	2.3.25
playmidi	playmidi	2.3.25.1
playmidi	playmidi	2.3.26
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "31B37DAF-6D56-45B3-800D-338ABE276C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB3F84A8-3A36-404E-AF22-0D05E414B842",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E18AEC72-3B87-4628-80A3-6784D02BFF21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DD696C5-D8DB-4713-95C5-CBAC430F3BB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "81D30C06-489E-47B0-A45F-B8E28B2F62F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDADEFF2-1049-4C80-8108-147719A989C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E74B77F-D1B2-40EC-B1AB-F2477F0797D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D7A0DA5-6D80-42AF-81D9-38A96D12575D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "412261B9-10E2-41FE-A6D7-A0CB02408177",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "235BD887-82E3-4031-848A-EC13B540CA64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "597F6E93-C849-48FE-8499-E1F6E02D66C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A0CDBB-D140-45B3-A9A7-F2B4441F054B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C162073-0091-4635-8B4F-3BE2F9E01F48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6B78C22-5721-476B-9AC2-5A3862343172",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C88827B-839A-4737-A28F-1E37621A834F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "058CE188-D500-452F-935C-7E170A1212C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "05825831-ECA2-4B31-97E3-069667A4C790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "76A01115-2E9F-4784-BB62-42CBCE80EC9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDC38D10-F13C-49A4-B3D8-12C00D73F62C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BF5C6DD-EC92-49D2-9537-40D28ACFA0E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9F5C0A-9A23-429B-8A13-758441B3860D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEDD85AB-7348-4544-B08A-D2116B413499",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "25AD75AD-394B-42AF-AFBB-0D7F8604FD1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC599380-23BF-4E0E-AE69-D4786FB3C23C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "753C4660-8469-45D3-A531-DE2D2F5F82E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.25.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "433FC9C7-796C-4670-B4B7-25EC81994FE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:playmidi:playmidi:2.3.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "374FE48F-B5BA-4F23-B1DB-5137A418ED2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en playmidi anteriores a 2.4 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n."
    }
  ],
  "id": "CVE-2005-0020",
  "lastModified": "2024-11-20T23:54:15.167",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-14T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/13828"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/13890"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/13898"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1012957"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-641"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/13049"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/12274"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/13828"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/13890"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/13898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1012957"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/13049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/12274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18933"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-07 23:46

Modified

2024-11-21 00:37

Severity ?

Summary

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

References

URL	Tags
cve@mitre.org	ftp://aix.software.ibm.com/aix/efixes/security/README
cve@mitre.org	http://docs.info.apple.com/article.html?artnum=307179
cve@mitre.org	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
cve@mitre.org	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=120352263023774&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=120352263023774&w=2
cve@mitre.org	http://secunia.com/advisories/27479
cve@mitre.org	http://secunia.com/advisories/27515
cve@mitre.org	http://secunia.com/advisories/27531	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/27546
cve@mitre.org	http://secunia.com/advisories/27548
cve@mitre.org	http://secunia.com/advisories/27570
cve@mitre.org	http://secunia.com/advisories/27613
cve@mitre.org	http://secunia.com/advisories/27756
cve@mitre.org	http://secunia.com/advisories/27936
cve@mitre.org	http://secunia.com/advisories/28167
cve@mitre.org	http://secunia.com/advisories/28368
cve@mitre.org	http://secunia.com/advisories/28387
cve@mitre.org	http://secunia.com/advisories/28993
cve@mitre.org	http://secunia.com/advisories/29074
cve@mitre.org	http://secunia.com/advisories/31208
cve@mitre.org	http://securitytracker.com/id?1018899
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1
cve@mitre.org	http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244
cve@mitre.org	http://www.debian.org/security/2007/dsa-1400
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml
cve@mitre.org	http://www.ipcop.org/index.php?name=News&file=article&sid=41
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:207	Patch
cve@mitre.org	http://www.novell.com/linux/security/advisories/2007_24_sr.html
cve@mitre.org	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-0966.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2007-1011.html
cve@mitre.org	http://www.securityfocus.com/archive/1/483563/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/483584/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/485936/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/486859/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26350
cve@mitre.org	http://www.ubuntu.com/usn/usn-552-1
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3724
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4238
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4255
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0064
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0641
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=323571
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=378131
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38270
cve@mitre.org	https://issues.rpath.com/browse/RPL-1813
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669
af854a3a-2127-422b-91ae-364da2661108	ftp://aix.software.ibm.com/aix/efixes/security/README
af854a3a-2127-422b-91ae-364da2661108	http://docs.info.apple.com/article.html?artnum=307179
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2008/000002.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120352263023774&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120352263023774&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27479
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27515
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27531	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27546
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27548
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27570
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27613
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27756
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27936
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28167
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28368
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28387
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28993
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29074
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31208
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018899
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1400
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.ipcop.org/index.php?name=News&file=article&sid=41
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:207	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_24_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0966.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-1011.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483563/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483584/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/485936/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/486859/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26350
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-552-1
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2008-0001.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3724
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4238
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4255
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0064
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0641
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=323571
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=378131
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38270
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1813
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669

Impacted products

Vendor	Product	Version
debian	debian_linux	3.1
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
debian	debian_linux	4.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux	2008.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
rpath	rpath_linux	1
larry_wall	perl	5.8.0
larry_wall	perl	5.8.1
larry_wall	perl	5.8.3
larry_wall	perl	5.8.4
larry_wall	perl	5.8.4.1
larry_wall	perl	5.8.4.2
larry_wall	perl	5.8.4.2.3
larry_wall	perl	5.8.4.3
larry_wall	perl	5.8.4.4
larry_wall	perl	5.8.4.5
larry_wall	perl	5.8.6
mandrakesoft	mandrake_multi_network_firewall	2.0
openpkg	openpkg	current
redhat	enterprise_linux	1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s390:*:*:*:*:*",
              "matchCriteriaId": "4567FE5A-5061-4741-AA6D-4AB365579F8D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7AD2F3-451D-4F37-A6F3-DE676804BBA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2008.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "5FE8C9E7-15C3-4F89-8E54-C9691FAD4E4C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*",
              "matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*",
              "matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*",
              "matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*",
              "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*",
              "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*",
              "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*",
              "matchCriteriaId": "3AA8F2EC-55E9-4529-A816-B5D495605F6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D30E072-9E6A-49B4-A5C7-63A328598A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "434F0580-985F-42AF-BA10-FAB7E2C23ED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B179E0-C843-46C9-AAD2-78E998175E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5E5A51-ED4C-4927-8C4D-502E79391E19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "171C82CB-2E92-4D41-B1B1-DCFE929E8270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "25633253-D9DE-41F0-A787-D0E8B2B3B9F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEDF9611-E4E2-4059-B45E-D3A61AC9DB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49A9D197-D889-4BE4-BE7A-2EE9536A7498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A4538C-3870-431E-A225-D8523D77A4E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8233B3A-E09D-425B-B1A1-65CD170FD384",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:larry_wall:perl:5.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E35450A-07C3-40B9-88FA-3ACCA498F019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
              "matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:1.0:*:application_stack:*:*:*:*:*",
              "matchCriteriaId": "BCCA408D-B65C-45F3-80E8-3B8D4ACE047C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el soporte opcode polim\u00f3rfico del Motor de Expresiones Regulares (regcomp.c) en Perl 5.8 permite a atacantes dependientes de contexto ejecutar c\u00f3digo de su elecci\u00f3n cambiando de byte a caracteres Unicode (UTF) en una expresi\u00f3n regular."
    }
  ],
  "id": "CVE-2007-5116",
  "lastModified": "2024-11-21T00:37:09.763",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-07T23:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27479"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27515"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27531"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27546"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27548"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27570"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27613"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27756"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27936"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28167"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28387"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28993"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29074"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31208"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018899"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2007/dsa-1400"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26350"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-552-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3724"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4255"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0641"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1813"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://docs.info.apple.com/article.html?artnum=307179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27515"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27531"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27570"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28368"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31208"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26350"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-552-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-04-06 01:19

Modified

2024-11-21 00:28

Severity ?

Summary

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

References

URL	Tags
secalert@redhat.com	http://issues.foresightlinux.org/browse/FL-223
secalert@redhat.com	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501	Patch
secalert@redhat.com	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
secalert@redhat.com	http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2007-0125.html
secalert@redhat.com	http://secunia.com/advisories/24741	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24745
secalert@redhat.com	http://secunia.com/advisories/24756
secalert@redhat.com	http://secunia.com/advisories/24758
secalert@redhat.com	http://secunia.com/advisories/24765
secalert@redhat.com	http://secunia.com/advisories/24768
secalert@redhat.com	http://secunia.com/advisories/24770	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/24771
secalert@redhat.com	http://secunia.com/advisories/24772
secalert@redhat.com	http://secunia.com/advisories/24776
secalert@redhat.com	http://secunia.com/advisories/24791
secalert@redhat.com	http://secunia.com/advisories/24885
secalert@redhat.com	http://secunia.com/advisories/24889
secalert@redhat.com	http://secunia.com/advisories/24921
secalert@redhat.com	http://secunia.com/advisories/24996
secalert@redhat.com	http://secunia.com/advisories/25004
secalert@redhat.com	http://secunia.com/advisories/25006
secalert@redhat.com	http://secunia.com/advisories/25096
secalert@redhat.com	http://secunia.com/advisories/25195
secalert@redhat.com	http://secunia.com/advisories/25216
secalert@redhat.com	http://secunia.com/advisories/25305
secalert@redhat.com	http://secunia.com/advisories/25495
secalert@redhat.com	http://secunia.com/advisories/28333
secalert@redhat.com	http://secunia.com/advisories/30161
secalert@redhat.com	http://secunia.com/advisories/33937
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200705-02.xml
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200705-10.xml
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733
secalert@redhat.com	http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954
secalert@redhat.com	http://sourceforge.net/project/shownotes.php?release_id=498954
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
secalert@redhat.com	http://support.apple.com/kb/HT3438
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1294
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1454
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:081
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_27_x.html
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_6_sr.html
secalert@redhat.com	http://www.openbsd.org/errata39.html#021_xorg
secalert@redhat.com	http://www.openbsd.org/errata40.html#011_xorg
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0126.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0132.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0150.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/464686/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/464816/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/23283	Patch
secalert@redhat.com	http://www.securityfocus.com/bid/23300
secalert@redhat.com	http://www.securityfocus.com/bid/23402
secalert@redhat.com	http://www.securitytracker.com/id?1017857
secalert@redhat.com	http://www.trustix.org/errata/2007/0013/
secalert@redhat.com	http://www.ubuntu.com/usn/usn-448-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1217
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1264
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1548
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/33417
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1213
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810
af854a3a-2127-422b-91ae-364da2661108	http://issues.foresightlinux.org/browse/FL-223
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501	Patch
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2007-0125.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24741	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24745
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24756
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24758
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24765
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24768
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24770	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24771
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24772
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24776
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24791
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24885
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24889
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24921
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24996
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25004
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25006
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25096
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25195
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25216
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25305
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25495
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28333
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30161
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33937
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200705-02.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200705-10.xml
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=498954
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3438
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1294
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1454
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:079
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:080
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:081
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_27_x.html
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_6_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openbsd.org/errata39.html#021_xorg
af854a3a-2127-422b-91ae-364da2661108	http://www.openbsd.org/errata40.html#011_xorg
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0126.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0132.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0150.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/464686/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/464816/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23283	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23300
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23402
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017857
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2007/0013/
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-448-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1217
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1264
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1548
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/33417
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1213
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810

Impacted products

Vendor	Product	Version
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	5.10
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.06_lts
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
ubuntu	ubuntu_linux	6.10
x.org	libxfont	1.2.2
xfree86_project	x11r6	4.3.0
xfree86_project	x11r6	4.3.0.1
xfree86_project	x11r6	4.3.0.2
rpath	rpath_linux	1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux	5.0
redhat	enterprise_linux_desktop	3.0
redhat	enterprise_linux_desktop	4.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
openbsd	openbsd	3.9
openbsd	openbsd	4.0
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_linux_corporate_server	4.0
mandrakesoft	mandrake_multi_network_firewall	2.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "EF15862D-6108-4791-8817-622123C8D10C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
              "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
              "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
              "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFADBA5A-8168-40B8-B5CA-0F1F7F9193D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "837EBF15-6C7D-46B8-8A90-9DFBF2C09FF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E859A205-0DC2-4E28-8FF0-72D66DE9B280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18E8C7B-53AC-4BC7-9E00-A70293172B58",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
              "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*",
              "matchCriteriaId": "FE524195-06F1-4504-9223-07596588CC70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:*",
              "matchCriteriaId": "2FEED00F-3B70-4E57-AD80-7903AECED14B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
              "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en la funci\u00f3n bdfReadCharacters en (1) X.Org libXfont before 20070403 y (2) freetype 2.3.2 y permite a usuarios remotos validados ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de fuentes manipuladas BDF, las cueles dan como resultado un desbordamiento de pila."
    }
  ],
  "id": "CVE-2007-1351",
  "lastModified": "2024-11-21T00:28:05.320",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-04-06T01:19:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://issues.foresightlinux.org/browse/FL-223"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24741"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24745"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24756"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24758"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24765"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24768"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24770"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24771"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24772"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24776"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24791"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24885"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24889"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24921"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24996"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25004"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25006"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25096"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25195"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25216"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25305"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/25495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/28333"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30161"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/33937"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT3438"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1294"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1454"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openbsd.org/errata39.html#021_xorg"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openbsd.org/errata40.html#011_xorg"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/23283"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/23300"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/23402"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1017857"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.trustix.org/errata/2007/0013/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-448-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1217"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1264"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1548"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1213"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://issues.foresightlinux.org/browse/FL-223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24745"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24885"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24889"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24996"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25195"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openbsd.org/errata39.html#021_xorg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openbsd.org/errata40.html#011_xorg"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/23283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2007/0013/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-448-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-02-16 05:00

Modified

2024-11-20 23:50

Severity ?

Summary

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/14309
cve@mitre.org	http://www.debian.org/security/2005/dsa-678	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:039
cve@mitre.org	http://www.novell.com/linux/download/updates/81_i386.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14309
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-678	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:039
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/download/updates/81_i386.html

Impacted products

Vendor	Product	Version
sun	solaris	*
sun	sunos	5.9
debian	debian_linux	3.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E585DC-FC74-4BB0-96B7-C00B6DB610DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:woody:*:*:*:*:*",
              "matchCriteriaId": "436B1E58-17E8-495B-A2DD-FB1626B9D35B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash)."
    }
  ],
  "id": "CVE-2004-1180",
  "lastModified": "2024-11-20T23:50:17.390",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-02-16T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/14309"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-678"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:039"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/download/updates/81_i386.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/download/updates/81_i386.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-02-09 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

References

URL	Tags
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.trustix.org/errata/2004/0050
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2004/0050
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583

Impacted products

Vendor	Product	Version
netatalk	open_source_apple_file_share_protocol_suite	1.5_pre6
netatalk	open_source_apple_file_share_protocol_suite	1.6.1
netatalk	open_source_apple_file_share_protocol_suite	1.6.4
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netatalk:open_source_apple_file_share_protocol_suite:1.5_pre6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6228C14-971D-43E4-B6CD-B368E82E5139",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netatalk:open_source_apple_file_share_protocol_suite:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F2A69EB-1705-414F-A6C2-C99597EE2146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netatalk:open_source_apple_file_share_protocol_suite:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A363D8A-3544-48A1-99EE-040685CF5444",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files."
    }
  ],
  "id": "CVE-2004-0974",
  "lastModified": "2024-11-20T23:49:48.617",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-02-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2004/0050"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2004/0050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-08-06 04:00

Modified

2024-11-20 23:48

Severity ?

Summary

ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.

References

URL	Tags
cve@mitre.org	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060
cve@mitre.org	http://www.securityfocus.com/bid/10516	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16392
af854a3a-2127-422b-91ae-364da2661108	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10516	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16392

Impacted products

Vendor	Product	Version
gnu	ksymoops	2.4.5
gnu	ksymoops	2.4.8
gnu	ksymoops	2.4.9
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:ksymoops:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3962516-E0A2-4AE6-B862-62A203B0B322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:ksymoops:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E795349-8C71-4EEE-93B6-106BE36A01DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:ksymoops:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C87DA33-6C06-44D7-B8C8-6451F426AE2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp."
    },
    {
      "lang": "es",
      "value": "El script ksymoops-gznm en Mandrake Linux 9.1 a 10.0, y Corporate Server 2.1 permite a usuarios locales borrar ficheros arbitrarios mediante un ataque de enlaces simb\u00f3licos en /tmp."
    }
  ],
  "id": "CVE-2004-0581",
  "lastModified": "2024-11-20T23:48:54.367",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-06T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10516"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16392"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16392"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-03-01 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=110028877431192&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=110598298225675&w=2
cve@mitre.org	http://www.debian.org/security/2004/dsa-596
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:133
cve@mitre.org	http://www.securityfocus.com/bid/11668	Patch, Vendor Advisory
cve@mitre.org	http://www.sudo.ws/sudo/alerts/bash_functions.html
cve@mitre.org	http://www.trustix.org/errata/2004/0061/
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18055
cve@mitre.org	https://www.ubuntu.com/usn/usn-28-1/
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110028877431192&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110598298225675&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-596
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:133
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11668	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.sudo.ws/sudo/alerts/bash_functions.html
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2004/0061/
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18055
af854a3a-2127-422b-91ae-364da2661108	https://www.ubuntu.com/usn/usn-28-1/

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
todd_miller	sudo	1.5.6
todd_miller	sudo	1.5.7
todd_miller	sudo	1.5.8
todd_miller	sudo	1.5.9
todd_miller	sudo	1.6
todd_miller	sudo	1.6.1
todd_miller	sudo	1.6.2
todd_miller	sudo	1.6.3
todd_miller	sudo	1.6.3_p1
todd_miller	sudo	1.6.3_p2
todd_miller	sudo	1.6.3_p3
todd_miller	sudo	1.6.3_p4
todd_miller	sudo	1.6.3_p5
todd_miller	sudo	1.6.3_p6
todd_miller	sudo	1.6.3_p7
todd_miller	sudo	1.6.4
todd_miller	sudo	1.6.4_p1
todd_miller	sudo	1.6.4_p2
todd_miller	sudo	1.6.5
todd_miller	sudo	1.6.5_p1
todd_miller	sudo	1.6.5_p2
todd_miller	sudo	1.6.6
todd_miller	sudo	1.6.7
todd_miller	sudo	1.6.8
todd_miller	sudo	1.6.8_p1
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
trustix	secure_linux	1.5
trustix	secure_linux	2.0
trustix	secure_linux	2.1
trustix	secure_linux	2.2
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6060C8CB-1592-479E-86AD-AC180F855BD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6DAA88C-BADD-405A-9E66-5B0839595A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D5E3B7-5377-4CA8-BA0D-056870CB717E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "22C11931-B594-43EC-9698-7152B1DF8CA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "976B5923-1BCC-4DE6-A904-930DD833B937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5452DF1-0270-452D-90EB-45E9A084B94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFD12E6-F92E-4371-ADA7-BCD41E4C9014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FDF4FB-06FA-4A10-A3CF-F52169BC8072",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B29018-B495-482A-8FF7-66821A178F9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "38718561-70C7-4E0D-9313-87A5E82ED338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D057064A-9B34-4224-97BA-4D5840A92BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3C297DC-69B1-4BE6-A5EF-D320BD0CA968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F4C1FFB-F6AA-4DED-9C54-DCB274F59A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*",
              "matchCriteriaId": "338A92AC-92D2-40BF-9FAC-884AF6F74D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DB5610-03CE-425E-8855-70D5787029FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DFC86C-7743-4F27-BC10-170F04C23D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5170421-BA0C-4365-9CD6-BD232EA08680",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5909AAA4-4AF9-4D23-87C5-5D7787909B02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2170CFD0-2594-45FB-B68F-0A75114F00A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "03C07744-CAE8-44C6-965E-2A09BAE1F36C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B17E0E59-C928-49AB-BAA7-4AE638B376D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "294FC65B-4225-475A-B49A-758823CEDECD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6156B085-AA17-458C-AED1-D658275E43B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6419309-385F-4525-AD4B-C73B1A3ED935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F7E821-2908-47F1-9665-E9D68ECC242F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "sudo before 1.6.8p2 allows local users to execute arbitrary commands by using \"()\" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program\u0027s full pathname."
    }
  ],
  "id": "CVE-2004-1051",
  "lastModified": "2024-11-20T23:49:58.583",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-03-01T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110028877431192\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110598298225675\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-596"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:133"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11668"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.sudo.ws/sudo/alerts/bash_functions.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.trustix.org/errata/2004/0061/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18055"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.ubuntu.com/usn/usn-28-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110028877431192\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110598298225675\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:133"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.sudo.ws/sudo/alerts/bash_functions.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.trustix.org/errata/2004/0061/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18055"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.ubuntu.com/usn/usn-28-1/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "We do not consider this to be a security issue:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=139478#c1",
      "lastModified": "2006-08-30T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-06 05:00

Modified

2024-11-20 23:48

Severity ?

Summary

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/20162
cve@mitre.org	http://secunia.com/advisories/20163
cve@mitre.org	http://secunia.com/advisories/20202
cve@mitre.org	http://secunia.com/advisories/20338
cve@mitre.org	http://www.debian.org/security/2006/dsa-1067
cve@mitre.org	http://www.debian.org/security/2006/dsa-1069
cve@mitre.org	http://www.debian.org/security/2006/dsa-1070
cve@mitre.org	http://www.debian.org/security/2006/dsa-1082
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:066
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-504.html
cve@mitre.org	http://www.securityfocus.com/bid/10687
cve@mitre.org	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16644
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20162
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20163
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20202
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20338
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1067
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1069
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1070
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1082
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:066
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-504.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10687
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16644
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
gentoo	linux	*
linux	linux_kernel	2.4.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
trustix	secure_linux	2
trustix	secure_linux	2.0
trustix	secure_linux	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39B3D5AE-05A8-433C-98DD-2711423D3FA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit."
    },
    {
      "lang": "es",
      "value": "Fuga de informaci\u00f3n de punto flotante en el c\u00f3digo de cambio de contexto de Linux 2.4.x s\u00f3lo comprueba el bit MFH pero no verifica el propietario de FPH, lo que permite a usuarios locales leer valores de registros de otros procesos estableciendo el bit MFH."
    }
  ],
  "id": "CVE-2004-0565",
  "lastModified": "2024-11-20T23:48:52.137",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-06T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20162"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20163"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20202"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20338"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1067"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1069"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1070"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2006/dsa-1082"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:066"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/10687"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16644"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20202"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/10687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-23 05:00

Modified

2024-11-20 23:49

Severity ?

Summary

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

References

URL	Tags
cve@mitre.org	http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734
cve@mitre.org	http://speedtouch.sourceforge.net/index.php?/news.en.html	Vendor Advisory
cve@mitre.org	http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17792
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734
af854a3a-2127-422b-91ae-364da2661108	http://speedtouch.sourceforge.net/index.php?/news.en.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17792

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
speedtouch	speedtouch_usb_driver	1.0
speedtouch	speedtouch_usb_driver	1.1
speedtouch	speedtouch_usb_driver	1.2
speedtouch	speedtouch_usb_driver	1.2_beta1
speedtouch	speedtouch_usb_driver	1.2_beta2
speedtouch	speedtouch_usb_driver	1.2_beta3
speedtouch	speedtouch_usb_driver	1.3
gentoo	linux	1.4
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	9.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:speedtouch:speedtouch_usb_driver:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "100AFA21-3940-44CB-971E-B66B875595F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:speedtouch:speedtouch_usb_driver:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1575E91-97BA-4813-8A97-F34942032966",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:speedtouch:speedtouch_usb_driver:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "30D104A7-0C22-4B71-999F-454EF4D79433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:speedtouch:speedtouch_usb_driver:1.2_beta1:*:*:*:*:*:*:*",
              "matchCriteriaId": "315E7B9D-A05C-4706-9C0D-B580FAC3CC39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:speedtouch:speedtouch_usb_driver:1.2_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "771080FF-D53E-44AD-8587-98701F04C4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:speedtouch:speedtouch_usb_driver:1.2_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "74653412-D765-4598-9ED3-70C5444AAFD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:speedtouch:speedtouch_usb_driver:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB471486-A33B-46F5-9CBB-2788957C0CE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de cadena de formato en Speedtouch USB driver anteriores a 1.3.1 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante \r\n\r\nmodem_run\r\npppoa2, o \r\npppoa3"
    }
  ],
  "id": "CVE-2004-0834",
  "lastModified": "2024-11-20T23:49:31.450",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-23T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/project/showfiles.php?group_id=32758\u0026package_id=28264\u0026release_id=271734"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://speedtouch.sourceforge.net/index.php?/news.en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17792"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/showfiles.php?group_id=32758\u0026package_id=28264\u0026release_id=271734"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://speedtouch.sourceforge.net/index.php?/news.en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17792"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-03-14 05:00

Modified

2024-11-20 23:55

Severity ?

Summary

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

References

URL	Tags
secalert@redhat.com	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933
secalert@redhat.com	http://gaim.sourceforge.net/security/index.php?id=10	Vendor Advisory
secalert@redhat.com	http://marc.info/?l=bugtraq&m=110935655500670&w=2
secalert@redhat.com	http://secunia.com/advisories/14322
secalert@redhat.com	http://www.debian.org/security/2005/dsa-716
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml
secalert@redhat.com	http://www.kb.cert.org/vuls/id/839280	Patch, Third Party Advisory, US Government Resource
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2005:049
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2005_36_sudo.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2005-215.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2005-432.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/426078/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/12589
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/19380
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933
af854a3a-2127-422b-91ae-364da2661108	http://gaim.sourceforge.net/security/index.php?id=10	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110935655500670&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14322
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-716
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/839280	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:049
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2005_36_sudo.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-215.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-432.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/426078/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12589
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/19380
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433

Impacted products

Vendor	Product	Version
rob_flynn	gaim	1.0
rob_flynn	gaim	1.0.1
rob_flynn	gaim	1.1.1
rob_flynn	gaim	1.1.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux	4.0
redhat	enterprise_linux_desktop	4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2842937-2275-4C1C-85FE-9C1246B2A06A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rob_flynn:gaim:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "478EA6B8-99D9-4378-8839-AC85F281F630",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ."
    }
  ],
  "id": "CVE-2005-0472",
  "lastModified": "2024-11-20T23:55:12.897",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-03-14T05:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://gaim.sourceforge.net/security/index.php?id=10"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/14322"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-716"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/839280"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/12589"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://gaim.sourceforge.net/security/index.php?id=10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/14322"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/839280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/12589"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-06 05:00

Modified

2024-11-20 23:48

Severity ?

Summary

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

References

▼	URL	Tags
	cve@mitre.org	http://www.novell.com/linux/security/advisories/2004_20_kernel.html
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16625
	af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2004_20_kernel.html
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16625

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
suse	suse_email_server	3
suse	suse_email_server	3.1
suse	suse_linux_connectivity_server	*
suse	suse_linux_database_server	*
suse	suse_linux_firewall	*
suse	suse_linux_office_server	*
gentoo	linux	*
linux	linux_kernel	2.6.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
sun	solaris	9.0
sun	sunos	5.8
sun	sunos	5.9
suse	suse_linux	7
suse	suse_linux	8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_email_server:3:*:*:*:*:*:*:*",
              "matchCriteriaId": "62E7BDA1-AFB2-45D4-B80C-30F4FF1DF219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A451599B-5F4F-4D7F-B5EF-3AE9F9B89D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "941DFF67-E9F6-41F0-A5CB-90105733327D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "117BBA08-9C1B-4CAC-A418-B044D69C27D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEBE1A76-D59D-47C1-8B12-4582FAE888DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDFB81-4DFE-416A-BCE1-ED96AC3E69B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E585DC-FC74-4BB0-96B7-C00B6DB610DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7840155-DCF0-4C34-815B-71F872D31A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool."
    },
    {
      "lang": "es",
      "value": "Multiples vulnerabilidades desconocidas en el kernel 2.6 de Linux permite a usuarios locales ganar privilegios o acceder a memoria del kernel, un grupo de vulerabilidades distinto de los identificado por CAN-2004-0495, como se ha encontrado con la herramienta de comprobaci\u00f3n de c\u00f3digo fuente Sparse"
    }
  ],
  "id": "CVE-2004-0496",
  "lastModified": "2024-11-20T23:48:43.293",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-06T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16625"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:53

Severity ?

Summary

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

References

URL	Tags
cve@mitre.org	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Patch
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/10370	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16178
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10370	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16178

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	9.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks."
    }
  ],
  "id": "CVE-2004-2394",
  "lastModified": "2024-11-20T23:53:14.957",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10370"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10370"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16178"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-07-18 04:00

Modified

2024-11-20 23:36

Severity ?

Summary

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html	Patch, Vendor Advisory
cve@mitre.org	http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01	Patch, Vendor Advisory
cve@mitre.org	http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-097.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/197727	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/6862
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-097.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/197727	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/6862

Impacted products

Vendor	Product	Version
caldera	openlinux_server	3.1
immunix	immunix	6.2
immunix	immunix	7.0
immunix	immunix	7.0_beta
mandrakesoft	mandrake_single_network_firewall	7.2
squid	squid_web_proxy	2.3stable3
squid	squid_web_proxy	2.3stable4
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	7.0
trustix	secure_linux	1.1
trustix	secure_linux	1.01
trustix	secure_linux	1.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D5299EE-5CA6-4A9E-9543-BDB0ADF9ED68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable4:*:*:*:*:*:*:*",
              "matchCriteriaId": "69466E6B-CD99-4A6F-87EE-1CC430573509",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "9406727E-365C-466F-8406-82B393537559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning."
    }
  ],
  "id": "CVE-2001-1030",
  "lastModified": "2024-11-20T23:36:42.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-07-18T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/197727"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/197727"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-09-16 04:00

Modified

2024-11-20 23:49

Severity ?

Summary

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/28800
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1
cve@mitre.org	http://www.debian.org/security/2004/dsa-547	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-480.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-494.html	Patch, Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0412
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17173
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28800
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2004/dsa-547	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-480.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-494.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0412
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17173
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123

Impacted products

Vendor	Product	Version
enlightenment	imlib	1.9
enlightenment	imlib	1.9.1
enlightenment	imlib	1.9.2
enlightenment	imlib	1.9.3
enlightenment	imlib	1.9.4
enlightenment	imlib	1.9.5
enlightenment	imlib	1.9.6
enlightenment	imlib	1.9.7
enlightenment	imlib	1.9.8
enlightenment	imlib	1.9.9
enlightenment	imlib	1.9.10
enlightenment	imlib	1.9.11
enlightenment	imlib	1.9.12
enlightenment	imlib	1.9.13
enlightenment	imlib	1.9.14
enlightenment	imlib2	1.0
enlightenment	imlib2	1.0.1
enlightenment	imlib2	1.0.2
enlightenment	imlib2	1.0.3
enlightenment	imlib2	1.0.4
enlightenment	imlib2	1.0.5
enlightenment	imlib2	1.1
enlightenment	imlib2	1.1.1
imagemagick	imagemagick	5.3.3
imagemagick	imagemagick	5.4.3
imagemagick	imagemagick	5.4.4.5
imagemagick	imagemagick	5.4.7
imagemagick	imagemagick	5.4.8
imagemagick	imagemagick	5.4.8.2.1.1.0
imagemagick	imagemagick	5.5.3.2.1.2.0
imagemagick	imagemagick	5.5.6.0_2003-04-09
imagemagick	imagemagick	5.5.7
imagemagick	imagemagick	6.0.2
sun	java_desktop_system	2.0
sun	java_desktop_system	2003
conectiva	linux	9.0
conectiva	linux	10.0
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux_desktop	3.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.2
turbolinux	turbolinux	desktop_10.0
turbolinux	turbolinux	server_7.0
turbolinux	turbolinux	server_8.0
turbolinux	turbolinux	workstation_7.0
turbolinux	turbolinux	workstation_8.0
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC774637-8B95-4C69-8665-86A67EAEBB24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9928B65C-A2F3-4D95-9A73-6DE4415463B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "072BDD6E-D815-4996-B78C-42502FB8BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE9D28DB-FFC6-4C7F-89F6-85740B239271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "988CDE52-220B-489D-9644-94CC5274E678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B49B4277-ECFD-4568-94C1-6E02BF238A2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "882A873F-D3D3-4E11-9C6B-B45C53672711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DA760F0-EFA2-4B4E-BB95-8FD857CD3250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C72DEC7-5558-4121-89CE-6E9B382C849E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6880B01C-0804-4CCF-9916-89807BBD4C8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE16231-4FB4-4D30-BE83-AD400E357280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "27937897-40B1-4D86-AFF0-ACA1B7F7A33E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A533869A-BAF1-4A26-AD33-0C4B6A62AA65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1CF072-E421-4BAA-9B29-421B101171B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "630D2700-3AF2-4F6C-B045-41571B602B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1750F261-8A88-4C9C-A86B-ED1D6F41C408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7606397B-A6F0-41AA-8DA2-B3ECBC7374EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69E5CC4-422F-4E4C-8E4C-8EA3479D759E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B6EC79E-A937-4781-AF55-35BCB2247C52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3DCF542-ABD1-448A-BD6F-F3FB4DB957C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:enlightenment:imlib2:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A7F9B2-116C-4AB8-98B0-729D0AB8545E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_desktop_system:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5537D6C-7700-4818-93F7-4449049DF131",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_desktop_system:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1587AB3-180E-4734-A0AC-4EE5A93B469A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:desktop_10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "49A34783-39EF-471A-9B8B-72CBF2BB3E30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:server_7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42FB8BA2-8651-4806-9172-0E03F6B7AAD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:server_8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "79B0F1A4-BE4C-4A33-B1F5-9C158B228D82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE73E6EB-6712-4DD8-847B-67CCA9A8E0A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:turbolinux:turbolinux:workstation_8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1066BFAC-0156-4440-A32B-BC1B5228DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
    }
  ],
  "id": "CVE-2004-0827",
  "lastModified": "2024-11-20T23:49:30.423",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-16T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28800"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-547"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0412"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2004/dsa-547"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-01-10 05:00

Modified

2024-11-20 23:50

Severity ?

Summary

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

References

URL	Tags
cve@mitre.org	http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:123
cve@mitre.org	http://www.securityfocus.com/bid/11563	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17940
af854a3a-2127-422b-91ae-364da2661108	http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:123
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11563	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17940

Impacted products

Vendor	Product	Version
roaring_penguin	mimedefang	2.4
roaring_penguin	mimedefang	2.14
roaring_penguin	mimedefang	2.20
roaring_penguin	mimedefang	2.21
roaring_penguin	mimedefang	2.38
roaring_penguin	mimedefang	2.39
roaring_penguin	mimedefang	2.41
roaring_penguin	mimedefang	2.42
roaring_penguin	mimedefang	2.43
roaring_penguin	mimedefang	2.44
roaring_penguin	mimedefang	2.45
roaring_penguin	mimedefang	4.46
roaring_penguin	mimedefang	4.47
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux	10.1
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "00487C1B-E557-46AA-863D-6B27E06402C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E49F4116-2497-4AC4-ACE2-E77F3C1889EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA989CD-020D-487B-9E83-2316185C6950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF67BB2-1984-4C6A-90DA-75C14CF7B7DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "925509AA-CFCA-4200-BA7B-168D94CD498F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2579A91-66A4-49F6-893E-3F228F9AF868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "D81EF517-56CD-4A76-9212-A08D3176B191",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "236D9552-6FD5-4093-B8A3-843A074D2C30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "35222B53-7F83-4CCD-BEE3-2A040008BE00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "10289D13-ADD9-4529-85F1-20DCC1964557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:2.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F42F5D5-4DDF-4EFA-9ACD-D1B7D5E0AE66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:4.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "75E0113A-A862-4E10-AB2E-F24DC7F7F018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:roaring_penguin:mimedefang:4.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "4191CD9F-FF03-4203-8387-167BA208CCDF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header."
    },
    {
      "lang": "es",
      "value": "MIMEDefang de MIME-tools 5.414 permite a atacantes remotos sortear escaner de virus mediante adjuntos en correo electr\u00f3nico con virus que contengan una cadena de l\u00edmite vacia en la cabecera Content-Type."
    }
  ],
  "id": "CVE-2004-1098",
  "lastModified": "2024-11-20T23:50:05.813",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-10T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:123"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11563"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:123"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11563"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17940"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-10-18 04:00

Modified

2024-11-20 23:36

Severity ?

Summary

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=98749102621604&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=99106787825229&w=2
cve@mitre.org	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2001-042.html	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/6367
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=98749102621604&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=99106787825229&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2001-042.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/6367

Impacted products

Vendor	Product	Version
immunix	immunix	6.2
immunix	immunix	7.0
immunix	immunix	7.0_beta
university_of_washington	pine	*
engardelinux	secure_linux	1.0.1
mandrakesoft	mandrake_linux	7.1
mandrakesoft	mandrake_linux	7.2
mandrakesoft	mandrake_linux	8.0
mandrakesoft	mandrake_linux_corporate_server	1.0.1
redhat	linux	5.2
redhat	linux	6.2
redhat	linux	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:university_of_washington:pine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12627ECC-CFED-4893-8C1C-5CC454A982E1",
              "versionEndIncluding": "4.33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack."
    }
  ],
  "id": "CVE-2001-0736",
  "lastModified": "2024-11-20T23:36:02.313",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-10-18T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:53

Severity ?

Summary

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

References

URL	Tags
cve@mitre.org	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/10370	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16180
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10370	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16180

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	8.2
mandrakesoft	mandrake_linux	9.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer."
    }
  ],
  "id": "CVE-2004-2395",
  "lastModified": "2024-11-20T23:53:15.093",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10370"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/10370"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16180"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-08-06 04:00

Modified

2024-11-20 23:48

Severity ?

Summary

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

References

URL	Tags
cve@mitre.org	ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
cve@mitre.org	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
cve@mitre.org	http://lwn.net/Articles/91155/
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200407-02.xml	Vendor Advisory
cve@mitre.org	http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2004:062
cve@mitre.org	http://www.novell.com/linux/security/advisories/2004_20_kernel.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-413.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-418.html
cve@mitre.org	http://www.securityfocus.com/bid/10352	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16159
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845
af854a3a-2127-422b-91ae-364da2661108	http://lwn.net/Articles/91155/
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200407-02.xml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2004:062
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2004_20_kernel.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-413.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-418.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10352	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16159
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
suse	suse_email_server	3.1
suse	suse_email_server	iii
suse	suse_linux_admin-cd_for_firewall	*
suse	suse_linux_connectivity_server	*
suse	suse_linux_database_server	*
suse	suse_linux_firewall_cd	*
suse	suse_linux_firewall_live-cd	*
suse	suse_linux_office_server	*
suse	suse_office_server	*
conectiva	linux	8.0
conectiva	linux	9.0
engardelinux	secure_community	2.0
engardelinux	secure_linux	1.5
gentoo	linux	1.4
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.0
linux	linux_kernel	2.4.1
linux	linux_kernel	2.4.2
linux	linux_kernel	2.4.3
linux	linux_kernel	2.4.4
linux	linux_kernel	2.4.5
linux	linux_kernel	2.4.6
linux	linux_kernel	2.4.7
linux	linux_kernel	2.4.8
linux	linux_kernel	2.4.9
linux	linux_kernel	2.4.10
linux	linux_kernel	2.4.11
linux	linux_kernel	2.4.12
linux	linux_kernel	2.4.13
linux	linux_kernel	2.4.14
linux	linux_kernel	2.4.15
linux	linux_kernel	2.4.16
linux	linux_kernel	2.4.17
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.18
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.19
linux	linux_kernel	2.4.20
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.21
linux	linux_kernel	2.4.22
linux	linux_kernel	2.4.23
linux	linux_kernel	2.4.23
linux	linux_kernel	2.4.23_ow2
linux	linux_kernel	2.4.24
linux	linux_kernel	2.4.24_ow1
linux	linux_kernel	2.4.25
linux	linux_kernel	2.4.26
linux	linux_kernel	2.4.27
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
mandrakesoft	mandrake_linux_corporate_server	2.1
suse	suse_linux	7
suse	suse_linux	8
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_email_server:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A451599B-5F4F-4D7F-B5EF-3AE9F9B89D62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_email_server:iii:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD74DAB4-A68E-4748-BC43-2285FC9804D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_admin-cd_for_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52E04F16-A0C7-4B0C-A70E-2CA683E0C33B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "941DFF67-E9F6-41F0-A5CB-90105733327D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_database_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "117BBA08-9C1B-4CAC-A418-B044D69C27D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_firewall_cd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52F8C98F-E10C-4FE8-96E7-27426F369E78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_firewall_live-cd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D7140F-589F-44DC-84ED-93FE6989F821",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDFB81-4DFE-416A-BCE1-ED96AC3E69B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_office_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BAE686-972A-4756-9E5D-CF2830700891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD14661C-E3BE-44DF-BC8D-294322BF23EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "835156D0-D0D8-4A82-9342-95E7239E3477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*",
              "matchCriteriaId": "4E62C413-935F-459C-8F11-73F5B483E759",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*",
              "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*",
              "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*",
              "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*",
              "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*",
              "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*",
              "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*",
              "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*",
              "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*",
              "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*",
              "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*",
              "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*",
              "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*",
              "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*",
              "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*",
              "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*",
              "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*",
              "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*",
              "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*",
              "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*",
              "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
              "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
              "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7840155-DCF0-4C34-815B-71F872D31A20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory.  NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
    },
    {
      "lang": "es",
      "value": "El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otras fuentes como un \"desbordamiento de b\u00fafer\"."
    }
  ],
  "id": "CVE-2004-0535",
  "lastModified": "2024-11-20T23:48:48.400",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-06T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lwn.net/Articles/91155/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10352"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lwn.net/Articles/91155/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-04-27 04:00

Modified

2024-11-20 23:54

Severity ?

Summary

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

References

URL	Tags
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:041
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:042
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:043
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:044
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:052
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:056
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-034.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-053.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-057.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-132.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2005-213.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/11501	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17818
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:041
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:042
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:043
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:044
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:052
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:056
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-034.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-053.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-057.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-132.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-213.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11501	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17818
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107

Impacted products

Vendor	Product	Version
ascii	ptex	3.1.4
cstex	cstetex	2.0.2
easy_software_products	cups	1.0.4
easy_software_products	cups	1.0.4_8
easy_software_products	cups	1.1.1
easy_software_products	cups	1.1.4
easy_software_products	cups	1.1.4_2
easy_software_products	cups	1.1.4_3
easy_software_products	cups	1.1.4_5
easy_software_products	cups	1.1.6
easy_software_products	cups	1.1.7
easy_software_products	cups	1.1.10
easy_software_products	cups	1.1.12
easy_software_products	cups	1.1.13
easy_software_products	cups	1.1.14
easy_software_products	cups	1.1.15
easy_software_products	cups	1.1.16
easy_software_products	cups	1.1.17
easy_software_products	cups	1.1.18
easy_software_products	cups	1.1.19
easy_software_products	cups	1.1.19_rc5
easy_software_products	cups	1.1.20
gnome	gpdf	0.110
gnome	gpdf	0.112
gnome	gpdf	0.131
kde	koffice	1.3
kde	koffice	1.3.1
kde	koffice	1.3.2
kde	koffice	1.3.3
kde	koffice	1.3_beta1
kde	koffice	1.3_beta2
kde	koffice	1.3_beta3
kde	kpdf	3.2
pdftohtml	pdftohtml	0.32a
pdftohtml	pdftohtml	0.32b
pdftohtml	pdftohtml	0.33
pdftohtml	pdftohtml	0.33a
pdftohtml	pdftohtml	0.34
pdftohtml	pdftohtml	0.35
pdftohtml	pdftohtml	0.36
sgi	propack	3.0
tetex	tetex	1.0.6
tetex	tetex	1.0.7
tetex	tetex	2.0
tetex	tetex	2.0.1
tetex	tetex	2.0.2
xpdf	xpdf	0.90
xpdf	xpdf	0.91
xpdf	xpdf	0.92
xpdf	xpdf	0.93
xpdf	xpdf	1.0
xpdf	xpdf	1.0a
xpdf	xpdf	1.1
xpdf	xpdf	2.0
xpdf	xpdf	2.1
xpdf	xpdf	2.3
xpdf	xpdf	3.0
sgi	advanced_linux_environment	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
debian	debian_linux	3.0
gentoo	linux	*
kde	kde	3.2
kde	kde	3.2.1
kde	kde	3.2.2
kde	kde	3.2.3
kde	kde	3.3
kde	kde	3.3.1
mandrakesoft	mandrake_linux_corporate_server	3.0
mandrakesoft	mandrake_linux_corporate_server	3.0
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux_desktop	3.0
redhat	fedora_core	core_1.0
redhat	fedora_core	core_2.0
redhat	fedora_core	core_3.0
redhat	linux	9.0
redhat	linux_advanced_workstation	2.1
redhat	linux_advanced_workstation	2.1
suse	suse_linux	1.0
suse	suse_linux	2.0
suse	suse_linux	3.0
suse	suse_linux	4.0
suse	suse_linux	4.2
suse	suse_linux	4.3
suse	suse_linux	4.4
suse	suse_linux	4.4.1
suse	suse_linux	5.0
suse	suse_linux	5.1
suse	suse_linux	5.2
suse	suse_linux	5.3
suse	suse_linux	6.0
suse	suse_linux	6.1
suse	suse_linux	6.1
suse	suse_linux	6.2
suse	suse_linux	6.3
suse	suse_linux	6.3
suse	suse_linux	6.3
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	6.4
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.0
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.1
suse	suse_linux	7.2
suse	suse_linux	7.2
suse	suse_linux	7.3
suse	suse_linux	7.3
suse	suse_linux	7.3
suse	suse_linux	7.3
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.2
suse	suse_linux	9.2
ubuntu	ubuntu_linux	4.1
ubuntu	ubuntu_linux	4.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ascii:ptex:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AE020D3-0F38-4F53-AFB7-B4E98EAC659F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cstex:cstetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E16058D9-AC8B-4A7C-865F-93B476348363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*",
              "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.110:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB6AE42-D493-43E5-A97C-76C8450E5881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*",
              "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*",
              "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "739A56F5-B19A-4B92-B9CB-04ECE4FFE204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:advanced_linux_environment:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A05AC3EE-6292-4ECC-9680-048A12FCE723",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
              "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
              "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
              "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
              "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
              "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
              "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
              "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
              "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
              "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
              "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
              "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
              "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
              "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*",
              "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
              "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
              "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
    },
    {
      "lang": "es",
      "value": "El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podr\u00eda dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales."
    }
  ],
  "id": "CVE-2005-0206",
  "lastModified": "2024-11-20T23:54:38.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-27T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-06 05:00

Modified

2024-11-20 23:48

Severity ?

Summary

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

References

URL	Tags
cve@mitre.org	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852	Patch, Vendor Advisory
cve@mitre.org	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066	Patch, Vendor Advisory
cve@mitre.org	http://www.novell.com/linux/security/advisories/2004_20_kernel.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-354.html	Patch, Vendor Advisory
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2004-360.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16599
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867
af854a3a-2127-422b-91ae-364da2661108	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2004_20_kernel.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-354.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2004-360.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16599
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867

Impacted products

Vendor	Product	Version
mandrakesoft	mandrake_multi_network_firewall	8.2
conectiva	linux	10
gentoo	linux	*
linux	linux_kernel	2.0
mandrakesoft	mandrake_linux	9.1
mandrakesoft	mandrake_linux	9.2
mandrakesoft	mandrake_linux	10.0
mandrakesoft	mandrake_linux_corporate_server	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	2.1
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
redhat	enterprise_linux	3.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.1
trustix	secure_linux	2
trustix	secure_linux	2.0
trustix	secure_linux	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB8B4DC-5A39-4349-A90A-F14018DBBDD5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96A6EE7E-C79C-4B25-AFF0-C6638CB3C99A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
              "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
              "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39B3D5AE-05A8-433C-98DD-2711423D3FA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad desconocida en el kernel 2.x de Linux puede permitir a usuarios locales modificar el ID de grupo de ficheros, como ficheros exportados con NFS en kernel 2.4."
    }
  ],
  "id": "CVE-2004-0497",
  "lastModified": "2024-11-20T23:48:43.427",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-06T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-354.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-360.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2004-354.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-360.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2004-1180

Vulnerability from cvelistv5

Published

2005-02-11 05:00

Modified

2024-08-08 00:46

Severity ?

Summary

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

References

▼	URL	Tags
	http://www.debian.org/security/2005/dsa-678	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:039	vendor-advisory, x_refsource_MANDRAKE
	http://secunia.com/advisories/14309	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/linux/download/updates/81_i386.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:11.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-678",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-678"
          },
          {
            "name": "MDKSA-2005:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:039"
          },
          {
            "name": "14309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14309"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/download/updates/81_i386.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-02-18T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-678",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-678"
        },
        {
          "name": "MDKSA-2005:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:039"
        },
        {
          "name": "14309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14309"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.novell.com/linux/download/updates/81_i386.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1180",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-678",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-678"
            },
            {
              "name": "MDKSA-2005:039",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:039"
            },
            {
              "name": "14309",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14309"
            },
            {
              "name": "http://www.novell.com/linux/download/updates/81_i386.html",
              "refsource": "MISC",
              "url": "http://www.novell.com/linux/download/updates/81_i386.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1180",
    "datePublished": "2005-02-11T05:00:00",
    "dateReserved": "2004-12-13T00:00:00",
    "dateUpdated": "2024-08-08T00:46:11.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-0411

Vulnerability from cvelistv5

Published

2008-02-28 21:00

Modified

2024-08-07 07:46

Severity ?

Summary

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

References

▼	URL	Tags
	http://secunia.com/advisories/29103	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-599-1	vendor-advisory, x_refsource_UBUNTU
	http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/29154	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29196	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/488946/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/0693/references	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/29314	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/488932/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/29101	third-party-advisory, x_refsource_SECUNIA
	http://wiki.rpath.com/Advisories:rPSA-2008-0082	x_refsource_CONFIRM
	http://secunia.com/advisories/29112	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/29147	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:055	vendor-advisory, x_refsource_MANDRIVA
	https://issues.rpath.com/browse/RPL-2217	x_refsource_CONFIRM
	http://secunia.com/advisories/29768	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1019511	vdb-entry, x_refsource_SECTRACK
	http://www.debian.org/security/2008/dsa-1510	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2008-0155.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/28017	vdb-entry, x_refsource_BID
	http://scary.beasts.org/security/CESA-2008-001.html	x_refsource_MISC
	https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/29135	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29169	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.370633	vendor-advisory, x_refsource_SLACKWARE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:46:54.069Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "29103",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29103"
          },
          {
            "name": "USN-599-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-599-1"
          },
          {
            "name": "GLSA-200803-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml"
          },
          {
            "name": "29154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29154"
          },
          {
            "name": "29196",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29196"
          },
          {
            "name": "20080228 Ghostscript buffer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/488946/100/0/threaded"
          },
          {
            "name": "ADV-2008-0693",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0693/references"
          },
          {
            "name": "29314",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29314"
          },
          {
            "name": "20080228 rPSA-2008-0082-1 espgs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/488932/100/0/threaded"
          },
          {
            "name": "oval:org.mitre.oval:def:9557",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557"
          },
          {
            "name": "29101",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29101"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0082"
          },
          {
            "name": "29112",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29112"
          },
          {
            "name": "SUSE-SA:2008:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html"
          },
          {
            "name": "29147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29147"
          },
          {
            "name": "MDVSA-2008:055",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:055"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2217"
          },
          {
            "name": "29768",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29768"
          },
          {
            "name": "1019511",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019511"
          },
          {
            "name": "DSA-1510",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1510"
          },
          {
            "name": "RHSA-2008:0155",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0155.html"
          },
          {
            "name": "28017",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28017"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2008-001.html"
          },
          {
            "name": "FEDORA-2008-1998",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html"
          },
          {
            "name": "29135",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29135"
          },
          {
            "name": "29169",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29169"
          },
          {
            "name": "SSA:2008-062-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.370633"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "29103",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29103"
        },
        {
          "name": "USN-599-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-599-1"
        },
        {
          "name": "GLSA-200803-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml"
        },
        {
          "name": "29154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29154"
        },
        {
          "name": "29196",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29196"
        },
        {
          "name": "20080228 Ghostscript buffer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/488946/100/0/threaded"
        },
        {
          "name": "ADV-2008-0693",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0693/references"
        },
        {
          "name": "29314",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29314"
        },
        {
          "name": "20080228 rPSA-2008-0082-1 espgs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/488932/100/0/threaded"
        },
        {
          "name": "oval:org.mitre.oval:def:9557",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557"
        },
        {
          "name": "29101",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29101"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0082"
        },
        {
          "name": "29112",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29112"
        },
        {
          "name": "SUSE-SA:2008:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html"
        },
        {
          "name": "29147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29147"
        },
        {
          "name": "MDVSA-2008:055",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:055"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2217"
        },
        {
          "name": "29768",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29768"
        },
        {
          "name": "1019511",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019511"
        },
        {
          "name": "DSA-1510",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1510"
        },
        {
          "name": "RHSA-2008:0155",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0155.html"
        },
        {
          "name": "28017",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28017"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2008-001.html"
        },
        {
          "name": "FEDORA-2008-1998",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html"
        },
        {
          "name": "29135",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29135"
        },
        {
          "name": "29169",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29169"
        },
        {
          "name": "SSA:2008-062-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.370633"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-0411",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "29103",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29103"
            },
            {
              "name": "USN-599-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-599-1"
            },
            {
              "name": "GLSA-200803-14",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml"
            },
            {
              "name": "29154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29154"
            },
            {
              "name": "29196",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29196"
            },
            {
              "name": "20080228 Ghostscript buffer overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/488946/100/0/threaded"
            },
            {
              "name": "ADV-2008-0693",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0693/references"
            },
            {
              "name": "29314",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29314"
            },
            {
              "name": "20080228 rPSA-2008-0082-1 espgs",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/488932/100/0/threaded"
            },
            {
              "name": "oval:org.mitre.oval:def:9557",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9557"
            },
            {
              "name": "29101",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29101"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0082",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0082"
            },
            {
              "name": "29112",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29112"
            },
            {
              "name": "SUSE-SA:2008:010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00009.html"
            },
            {
              "name": "29147",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29147"
            },
            {
              "name": "MDVSA-2008:055",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:055"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-2217",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-2217"
            },
            {
              "name": "29768",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29768"
            },
            {
              "name": "1019511",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019511"
            },
            {
              "name": "DSA-1510",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1510"
            },
            {
              "name": "RHSA-2008:0155",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0155.html"
            },
            {
              "name": "28017",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28017"
            },
            {
              "name": "http://scary.beasts.org/security/CESA-2008-001.html",
              "refsource": "MISC",
              "url": "http://scary.beasts.org/security/CESA-2008-001.html"
            },
            {
              "name": "FEDORA-2008-1998",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00085.html"
            },
            {
              "name": "29135",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29135"
            },
            {
              "name": "29169",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29169"
            },
            {
              "name": "SSA:2008-062-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.370633"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-0411",
    "datePublished": "2008-02-28T21:00:00",
    "dateReserved": "2008-01-23T00:00:00",
    "dateUpdated": "2024-08-07T07:46:54.069Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4137

Vulnerability from cvelistv5

Published

2007-09-18 19:00

Modified

2024-08-07 14:46

Severity ?

Summary

Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.

References

▼	URL	Tags
	http://bugs.gentoo.org/show_bug.cgi?id=192472	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:183	vendor-advisory, x_refsource_MANDRIVA
	http://www.novell.com/linux/security/advisories/2007_19_sr.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/26868	third-party-advisory, x_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm	x_refsource_CONFIRM
	https://issues.rpath.com/browse/RPL-1751	x_refsource_CONFIRM
	http://secunia.com/advisories/26811	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/27053	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27996	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27275	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27382	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/26857	third-party-advisory, x_refsource_SECUNIA
	http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119	x_refsource_CONFIRM
	http://secunia.com/advisories/26778	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=269001	x_refsource_MISC
	http://secunia.com/advisories/26882	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/26987	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200710-28.xml	vendor-advisory, x_refsource_GENTOO
	http://www.vupen.com/english/advisories/2007/3144	vdb-entry, x_refsource_VUPEN
	ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc	vendor-advisory, x_refsource_SGI
	http://dist.trolltech.com/developer/download/175791_4.diff	x_refsource_MISC
	http://osvdb.org/39384	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/26804	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/26782	third-party-advisory, x_refsource_SECUNIA
	http://dist.trolltech.com/developer/download/175791_3.diff	x_refsource_MISC
	http://fedoranews.org/updates/FEDORA-2007-703.shtml	vendor-advisory, x_refsource_FEDORA
	http://fedoranews.org/updates/FEDORA-2007-221.shtml	vendor-advisory, x_refsource_FEDORA
	http://security.gentoo.org/glsa/glsa-200712-08.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/28021	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-0883.html	vendor-advisory, x_refsource_REDHAT
	http://securitytracker.com/id?1018688	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/481498/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.ubuntu.com/usn/usn-513-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/25657	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2007/dsa-1426	vendor-advisory, x_refsource_DEBIAN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:38.696Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"
          },
          {
            "name": "MDKSA-2007:183",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"
          },
          {
            "name": "SUSE-SR:2007:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
          },
          {
            "name": "26868",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26868"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1751"
          },
          {
            "name": "26811",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26811"
          },
          {
            "name": "oval:org.mitre.oval:def:11159",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"
          },
          {
            "name": "27053",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27053"
          },
          {
            "name": "27996",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27996"
          },
          {
            "name": "27275",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27275"
          },
          {
            "name": "27382",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27382"
          },
          {
            "name": "26857",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"
          },
          {
            "name": "26778",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26778"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"
          },
          {
            "name": "26882",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26882"
          },
          {
            "name": "26987",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26987"
          },
          {
            "name": "GLSA-200710-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"
          },
          {
            "name": "ADV-2007-3144",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3144"
          },
          {
            "name": "20070901-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://dist.trolltech.com/developer/download/175791_4.diff"
          },
          {
            "name": "39384",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39384"
          },
          {
            "name": "26804",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26804"
          },
          {
            "name": "26782",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26782"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://dist.trolltech.com/developer/download/175791_3.diff"
          },
          {
            "name": "FEDORA-2007-703",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"
          },
          {
            "name": "FEDORA-2007-2216",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"
          },
          {
            "name": "GLSA-200712-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"
          },
          {
            "name": "28021",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28021"
          },
          {
            "name": "RHSA-2007:0883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"
          },
          {
            "name": "1018688",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018688"
          },
          {
            "name": "20071004 FLEA-2007-0059-1 qt qt-tools",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"
          },
          {
            "name": "USN-513-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-513-1"
          },
          {
            "name": "25657",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25657"
          },
          {
            "name": "DSA-1426",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1426"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow.  NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472"
        },
        {
          "name": "MDKSA-2007:183",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183"
        },
        {
          "name": "SUSE-SR:2007:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
        },
        {
          "name": "26868",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26868"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1751"
        },
        {
          "name": "26811",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26811"
        },
        {
          "name": "oval:org.mitre.oval:def:11159",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159"
        },
        {
          "name": "27053",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27053"
        },
        {
          "name": "27996",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27996"
        },
        {
          "name": "27275",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27275"
        },
        {
          "name": "27382",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27382"
        },
        {
          "name": "26857",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119"
        },
        {
          "name": "26778",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26778"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001"
        },
        {
          "name": "26882",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26882"
        },
        {
          "name": "26987",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26987"
        },
        {
          "name": "GLSA-200710-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml"
        },
        {
          "name": "ADV-2007-3144",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3144"
        },
        {
          "name": "20070901-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://dist.trolltech.com/developer/download/175791_4.diff"
        },
        {
          "name": "39384",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39384"
        },
        {
          "name": "26804",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26804"
        },
        {
          "name": "26782",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26782"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://dist.trolltech.com/developer/download/175791_3.diff"
        },
        {
          "name": "FEDORA-2007-703",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"
        },
        {
          "name": "FEDORA-2007-2216",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml"
        },
        {
          "name": "GLSA-200712-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml"
        },
        {
          "name": "28021",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28021"
        },
        {
          "name": "RHSA-2007:0883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"
        },
        {
          "name": "1018688",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018688"
        },
        {
          "name": "20071004 FLEA-2007-0059-1 qt qt-tools",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded"
        },
        {
          "name": "USN-513-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-513-1"
        },
        {
          "name": "25657",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25657"
        },
        {
          "name": "DSA-1426",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1426"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-4137",
    "datePublished": "2007-09-18T19:00:00",
    "dateReserved": "2007-08-02T00:00:00",
    "dateUpdated": "2024-08-07T14:46:38.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0125

Vulnerability from cvelistv5

Published

2001-05-07 04:00

Modified

2024-08-08 04:06

Severity ?

Summary

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

References

▼	URL	Tags
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3	vendor-advisory, x_refsource_MANDRAKE
	http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html	vendor-advisory, x_refsource_FREEBSD
	http://marc.info/?l=bugtraq&m=97846489313059&w=2	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=97958594330100&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.debian.org/security/2001/dsa-022	vendor-advisory, x_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5829	vdb-entry, x_refsource_XF
	http://www.beedub.com/exmh/symlink.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:06:55.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDKSA-2001:015",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3"
          },
          {
            "name": "FreeBSD-SA-01:17",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html"
          },
          {
            "name": "20001231 Advisory: exmh symlink vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=97846489313059\u0026w=2"
          },
          {
            "name": "20010112 exmh security vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=97958594330100\u0026w=2"
          },
          {
            "name": "DSA-022",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2001/dsa-022"
          },
          {
            "name": "exmh-error-symlink(5829)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5829"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.beedub.com/exmh/symlink.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-12-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDKSA-2001:015",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3"
        },
        {
          "name": "FreeBSD-SA-01:17",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html"
        },
        {
          "name": "20001231 Advisory: exmh symlink vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=97846489313059\u0026w=2"
        },
        {
          "name": "20010112 exmh security vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=97958594330100\u0026w=2"
        },
        {
          "name": "DSA-022",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2001/dsa-022"
        },
        {
          "name": "exmh-error-symlink(5829)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5829"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.beedub.com/exmh/symlink.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0125",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDKSA-2001:015",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3"
            },
            {
              "name": "FreeBSD-SA-01:17",
              "refsource": "FREEBSD",
              "url": "http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html"
            },
            {
              "name": "20001231 Advisory: exmh symlink vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=97846489313059\u0026w=2"
            },
            {
              "name": "20010112 exmh security vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=97958594330100\u0026w=2"
            },
            {
              "name": "DSA-022",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2001/dsa-022"
            },
            {
              "name": "exmh-error-symlink(5829)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5829"
            },
            {
              "name": "http://www.beedub.com/exmh/symlink.html",
              "refsource": "CONFIRM",
              "url": "http://www.beedub.com/exmh/symlink.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0125",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2001-02-06T00:00:00",
    "dateUpdated": "2024-08-08T04:06:55.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0439

Vulnerability from cvelistv5

Published

2001-09-18 04:00

Modified

2024-08-08 04:21

Severity ?

Summary

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

References

▼	URL	Tags
	http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html	vendor-advisory, x_refsource_FREEBSD
	https://exchange.xforce.ibmcloud.com/vulnerabilities/6261	vdb-entry, x_refsource_XF
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2001-023.html	vendor-advisory, x_refsource_REDHAT
	http://www.osvdb.org/5641	vdb-entry, x_refsource_OSVDB
	http://www.redhat.com/support/errata/RHSA-2001-022.html	vendor-advisory, x_refsource_REDHAT
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389	vendor-advisory, x_refsource_CONECTIVA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:21:38.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FreeBSD-SA-01:35",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html"
          },
          {
            "name": "licq-url-execute-commands(6261)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261"
          },
          {
            "name": "MDKSA-2001:032",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3"
          },
          {
            "name": "RHSA-2001:023",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html"
          },
          {
            "name": "5641",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/5641"
          },
          {
            "name": "RHSA-2001:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html"
          },
          {
            "name": "CLA-2001:389",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-03-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FreeBSD-SA-01:35",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html"
        },
        {
          "name": "licq-url-execute-commands(6261)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261"
        },
        {
          "name": "MDKSA-2001:032",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3"
        },
        {
          "name": "RHSA-2001:023",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html"
        },
        {
          "name": "5641",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/5641"
        },
        {
          "name": "RHSA-2001:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html"
        },
        {
          "name": "CLA-2001:389",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0439",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FreeBSD-SA-01:35",
              "refsource": "FREEBSD",
              "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html"
            },
            {
              "name": "licq-url-execute-commands(6261)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261"
            },
            {
              "name": "MDKSA-2001:032",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3"
            },
            {
              "name": "RHSA-2001:023",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html"
            },
            {
              "name": "5641",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/5641"
            },
            {
              "name": "RHSA-2001:022",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html"
            },
            {
              "name": "CLA-2001:389",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0439",
    "datePublished": "2001-09-18T04:00:00",
    "dateReserved": "2001-05-24T00:00:00",
    "dateUpdated": "2024-08-08T04:21:38.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0441

Vulnerability from cvelistv5

Published

2001-05-24 04:00

Modified

2024-08-08 04:21

Severity ?

Summary

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

References

▼	URL	Tags
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000383	vendor-advisory, x_refsource_CONECTIVA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/6213	vdb-entry, x_refsource_XF
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3	vendor-advisory, x_refsource_MANDRAKE
	http://marc.info/?l=bugtraq&m=98471253131191&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/2493	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2001/dsa-040	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2001-028.html	vendor-advisory, x_refsource_REDHAT
	http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html	vendor-advisory, x_refsource_FREEBSD

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:21:38.397Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2001:383",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383"
          },
          {
            "name": "slrn-wrapping-bo(6213)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213"
          },
          {
            "name": "MDKSA-2001:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3"
          },
          {
            "name": "20010316 Immunix OS Security update for slrn",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2"
          },
          {
            "name": "2493",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/2493"
          },
          {
            "name": "DSA-040",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2001/dsa-040"
          },
          {
            "name": "RHSA-2001:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html"
          },
          {
            "name": "FreeBSD-SA-01:37",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-03-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-18T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2001:383",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383"
        },
        {
          "name": "slrn-wrapping-bo(6213)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213"
        },
        {
          "name": "MDKSA-2001:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3"
        },
        {
          "name": "20010316 Immunix OS Security update for slrn",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2"
        },
        {
          "name": "2493",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/2493"
        },
        {
          "name": "DSA-040",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2001/dsa-040"
        },
        {
          "name": "RHSA-2001:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html"
        },
        {
          "name": "FreeBSD-SA-01:37",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0441",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2001:383",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383"
            },
            {
              "name": "slrn-wrapping-bo(6213)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213"
            },
            {
              "name": "MDKSA-2001:028",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3"
            },
            {
              "name": "20010316 Immunix OS Security update for slrn",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2"
            },
            {
              "name": "2493",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/2493"
            },
            {
              "name": "DSA-040",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2001/dsa-040"
            },
            {
              "name": "RHSA-2001:028",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html"
            },
            {
              "name": "FreeBSD-SA-01:37",
              "refsource": "FREEBSD",
              "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0441",
    "datePublished": "2001-05-24T04:00:00",
    "dateReserved": "2001-05-24T00:00:00",
    "dateUpdated": "2024-08-08T04:21:38.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0020

Vulnerability from cvelistv5

Published

2005-01-22 05:00

Modified

2024-08-07 20:57

Severity ?

Summary

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

References

▼	URL	Tags
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:010	vendor-advisory, x_refsource_MANDRAKE
	http://secunia.com/advisories/13828	third-party-advisory, x_refsource_SECUNIA
	http://securitytracker.com/id?1012957	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/12274	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/13898	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/18933	vdb-entry, x_refsource_XF
	http://www.debian.org/security/2005/dsa-641	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/13890	third-party-advisory, x_refsource_SECUNIA
	http://www.osvdb.org/13049	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.894Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDKSA-2005:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:010"
          },
          {
            "name": "13828",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13828"
          },
          {
            "name": "1012957",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012957"
          },
          {
            "name": "12274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12274"
          },
          {
            "name": "13898",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13898"
          },
          {
            "name": "playmidi-bo(18933)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18933"
          },
          {
            "name": "DSA-641",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-641"
          },
          {
            "name": "13890",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13890"
          },
          {
            "name": "13049",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/13049"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDKSA-2005:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:010"
        },
        {
          "name": "13828",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13828"
        },
        {
          "name": "1012957",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012957"
        },
        {
          "name": "12274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12274"
        },
        {
          "name": "13898",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13898"
        },
        {
          "name": "playmidi-bo(18933)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18933"
        },
        {
          "name": "DSA-641",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-641"
        },
        {
          "name": "13890",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13890"
        },
        {
          "name": "13049",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/13049"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDKSA-2005:010",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:010"
            },
            {
              "name": "13828",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13828"
            },
            {
              "name": "1012957",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012957"
            },
            {
              "name": "12274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12274"
            },
            {
              "name": "13898",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13898"
            },
            {
              "name": "playmidi-bo(18933)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18933"
            },
            {
              "name": "DSA-641",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-641"
            },
            {
              "name": "13890",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13890"
            },
            {
              "name": "13049",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/13049"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0020",
    "datePublished": "2005-01-22T05:00:00",
    "dateReserved": "2005-01-04T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.894Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0977

Vulnerability from cvelistv5

Published

2004-10-20 04:00

Modified

2024-08-08 00:38

Severity ?

Summary

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/11295	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2004/dsa-577	vendor-advisory, x_refsource_DEBIAN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360	vdb-entry, signature, x_refsource_OVAL
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:149	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583	vdb-entry, x_refsource_XF
	http://www.trustix.org/errata/2004/0050	vendor-advisory, x_refsource_TRUSTIX
	http://security.gentoo.org/glsa/glsa-200410-16.xml	vendor-advisory, x_refsource_GENTOO
	https://www.ubuntu.com/usn/usn-6-1/	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=109910073808903&w=2	vendor-advisory, x_refsource_OPENPKG
	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2004-489.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:38:59.438Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "11295",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11295"
          },
          {
            "name": "DSA-577",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-577"
          },
          {
            "name": "oval:org.mitre.oval:def:11360",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360"
          },
          {
            "name": "MDKSA-2004:149",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:149"
          },
          {
            "name": "script-temporary-file-overwrite(17583)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
          },
          {
            "name": "2004-0050",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2004/0050"
          },
          {
            "name": "GLSA-200410-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200410-16.xml"
          },
          {
            "name": "USN-6-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/usn-6-1/"
          },
          {
            "name": "OpenPKG-SA-2004.046",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109910073808903\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300"
          },
          {
            "name": "RHSA-2004:489",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-489.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "11295",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11295"
        },
        {
          "name": "DSA-577",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-577"
        },
        {
          "name": "oval:org.mitre.oval:def:11360",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360"
        },
        {
          "name": "MDKSA-2004:149",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:149"
        },
        {
          "name": "script-temporary-file-overwrite(17583)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
        },
        {
          "name": "2004-0050",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2004/0050"
        },
        {
          "name": "GLSA-200410-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200410-16.xml"
        },
        {
          "name": "USN-6-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/usn-6-1/"
        },
        {
          "name": "OpenPKG-SA-2004.046",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109910073808903\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300"
        },
        {
          "name": "RHSA-2004:489",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-489.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0977",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "11295",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11295"
            },
            {
              "name": "DSA-577",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-577"
            },
            {
              "name": "oval:org.mitre.oval:def:11360",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11360"
            },
            {
              "name": "MDKSA-2004:149",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:149"
            },
            {
              "name": "script-temporary-file-overwrite(17583)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
            },
            {
              "name": "2004-0050",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2004/0050"
            },
            {
              "name": "GLSA-200410-16",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200410-16.xml"
            },
            {
              "name": "USN-6-1",
              "refsource": "UBUNTU",
              "url": "https://www.ubuntu.com/usn/usn-6-1/"
            },
            {
              "name": "OpenPKG-SA-2004.046",
              "refsource": "OPENPKG",
              "url": "http://marc.info/?l=bugtraq\u0026m=109910073808903\u0026w=2"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136300"
            },
            {
              "name": "RHSA-2004:489",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-489.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0977",
    "datePublished": "2004-10-20T04:00:00",
    "dateReserved": "2004-10-19T00:00:00",
    "dateUpdated": "2024-08-08T00:38:59.438Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0977

Vulnerability from cvelistv5

Published

2002-06-25 04:00

Modified

2024-08-08 04:37

Severity ?

Summary

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

References

▼	URL	Tags
	http://www.cert.org/advisories/CA-2001-18.html	third-party-advisory, x_refsource_CERT
	http://www.osvdb.org/1905	vdb-entry, x_refsource_OSVDB
	http://www.redhat.com/support/errata/RHSA-2001-098.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2001/dsa-068	vendor-advisory, x_refsource_DEBIAN
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3	vendor-advisory, x_refsource_MANDRAKE
	http://www.kb.cert.org/vuls/id/935800	third-party-advisory, x_refsource_CERT-VN
	http://www.securityfocus.com/bid/3049	vdb-entry, x_refsource_BID
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000417	vendor-advisory, x_refsource_CONECTIVA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/6904	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:37:07.240Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CA-2001-18",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2001-18.html"
          },
          {
            "name": "1905",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/1905"
          },
          {
            "name": "RHSA-2001:098",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html"
          },
          {
            "name": "DSA-068",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2001/dsa-068"
          },
          {
            "name": "MDKSA-2001:069",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3"
          },
          {
            "name": "VU#935800",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/935800"
          },
          {
            "name": "3049",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3049"
          },
          {
            "name": "CLA-2001:417",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417"
          },
          {
            "name": "openldap-ldap-protos-dos(6904)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-07-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-02-06T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CA-2001-18",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2001-18.html"
        },
        {
          "name": "1905",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/1905"
        },
        {
          "name": "RHSA-2001:098",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html"
        },
        {
          "name": "DSA-068",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2001/dsa-068"
        },
        {
          "name": "MDKSA-2001:069",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3"
        },
        {
          "name": "VU#935800",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/935800"
        },
        {
          "name": "3049",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3049"
        },
        {
          "name": "CLA-2001:417",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417"
        },
        {
          "name": "openldap-ldap-protos-dos(6904)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0977",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CA-2001-18",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2001-18.html"
            },
            {
              "name": "1905",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/1905"
            },
            {
              "name": "RHSA-2001:098",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html"
            },
            {
              "name": "DSA-068",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2001/dsa-068"
            },
            {
              "name": "MDKSA-2001:069",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3"
            },
            {
              "name": "VU#935800",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/935800"
            },
            {
              "name": "3049",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3049"
            },
            {
              "name": "CLA-2001:417",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417"
            },
            {
              "name": "openldap-ldap-protos-dos(6904)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0977",
    "datePublished": "2002-06-25T04:00:00",
    "dateReserved": "2002-01-31T00:00:00",
    "dateUpdated": "2024-08-08T04:37:07.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5116

Vulnerability from cvelistv5

Published

2007-11-07 20:00

Modified

2024-08-07 15:17

Severity ?

Summary

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

References

▼	URL	Tags
	http://secunia.com/advisories/27479	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1400	vendor-advisory, x_refsource_DEBIAN
	http://marc.info/?l=bugtraq&m=120352263023774&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=120352263023774&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2007/4238	vdb-entry, x_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	third-party-advisory, x_refsource_CERT
	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/27936	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/483563/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/28993	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220	vendor-advisory, x_refsource_AIXAPAR
	https://issues.rpath.com/browse/RPL-1813	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1	vendor-advisory, x_refsource_SUNALERT
	http://www.ubuntu.com/usn/usn-552-1	vendor-advisory, x_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669	vdb-entry, signature, x_refsource_OVAL
	http://securitytracker.com/id?1018899	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2008/0641	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/27756	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-0966.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/29074	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/485936/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/27548	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-1011.html	vendor-advisory, x_refsource_REDHAT
	http://lists.vmware.com/pipermail/security-announce/2008/000002.html	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=323571	x_refsource_MISC
	http://secunia.com/advisories/27546	third-party-advisory, x_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml	vendor-advisory, x_refsource_GENTOO
	http://www.vupen.com/english/advisories/2007/3724	vdb-entry, x_refsource_VUPEN
	http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm	x_refsource_CONFIRM
	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html	vendor-advisory, x_refsource_OPENPKG
	https://bugzilla.redhat.com/show_bug.cgi?id=378131	x_refsource_MISC
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1	vendor-advisory, x_refsource_SUNALERT
	http://secunia.com/advisories/27531	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/27515	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27570	third-party-advisory, x_refsource_SECUNIA
	http://docs.info.apple.com/article.html?artnum=307179	x_refsource_CONFIRM
	http://secunia.com/advisories/27613	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28368	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2007_24_sr.html	vendor-advisory, x_refsource_SUSE
	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1	vendor-advisory, x_refsource_SUNALERT
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:207	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2007/4255	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/483584/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.ipcop.org/index.php?name=News&file=article&sid=41	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/38270	vdb-entry, x_refsource_XF
	ftp://aix.software.ibm.com/aix/efixes/security/README	x_refsource_CONFIRM
	http://secunia.com/advisories/31208	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28387	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2008-0001.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/0064	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/28167	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/26350	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/486859/100/0/threaded	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:28.328Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27479"
          },
          {
            "name": "DSA-1400",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1400"
          },
          {
            "name": "HPSBTU02311",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
          },
          {
            "name": "SSRT080001",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
          },
          {
            "name": "ADV-2007-4238",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "TA07-352A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "IZ10244",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
          },
          {
            "name": "27936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27936"
          },
          {
            "name": "20071110 FLEA-2007-0063-1 perl",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
          },
          {
            "name": "28993",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28993"
          },
          {
            "name": "IZ10220",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1813"
          },
          {
            "name": "31524",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
          },
          {
            "name": "USN-552-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-552-1"
          },
          {
            "name": "oval:org.mitre.oval:def:10669",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
          },
          {
            "name": "1018899",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018899"
          },
          {
            "name": "ADV-2008-0641",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0641"
          },
          {
            "name": "27756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27756"
          },
          {
            "name": "RHSA-2007:0966",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
          },
          {
            "name": "29074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29074"
          },
          {
            "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
          },
          {
            "name": "27548",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27548"
          },
          {
            "name": "RHSA-2007:1011",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
          },
          {
            "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
          },
          {
            "name": "27546",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27546"
          },
          {
            "name": "GLSA-200711-28",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
          },
          {
            "name": "ADV-2007-3724",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3724"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
          },
          {
            "name": "OpenPKG-SA-2007.023",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
          },
          {
            "name": "231524",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
          },
          {
            "name": "27531",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27531"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "name": "27515",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27515"
          },
          {
            "name": "27570",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27570"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "27613",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27613"
          },
          {
            "name": "28368",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28368"
          },
          {
            "name": "SUSE-SR:2007:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
          },
          {
            "name": "1018985",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
          },
          {
            "name": "MDKSA-2007:207",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
          },
          {
            "name": "ADV-2007-4255",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4255"
          },
          {
            "name": "20071112 FLEA-2007-0069-1 perl",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
          },
          {
            "name": "perl-unicode-bo(38270)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
          },
          {
            "name": "31208",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31208"
          },
          {
            "name": "28387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28387"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
          },
          {
            "name": "ADV-2008-0064",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0064"
          },
          {
            "name": "28167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28167"
          },
          {
            "name": "26350",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26350"
          },
          {
            "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27479"
        },
        {
          "name": "DSA-1400",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1400"
        },
        {
          "name": "HPSBTU02311",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
        },
        {
          "name": "SSRT080001",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
        },
        {
          "name": "ADV-2007-4238",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4238"
        },
        {
          "name": "TA07-352A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
        },
        {
          "name": "IZ10244",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
        },
        {
          "name": "27936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27936"
        },
        {
          "name": "20071110 FLEA-2007-0063-1 perl",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
        },
        {
          "name": "28993",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28993"
        },
        {
          "name": "IZ10220",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1813"
        },
        {
          "name": "31524",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
        },
        {
          "name": "USN-552-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-552-1"
        },
        {
          "name": "oval:org.mitre.oval:def:10669",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
        },
        {
          "name": "1018899",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018899"
        },
        {
          "name": "ADV-2008-0641",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0641"
        },
        {
          "name": "27756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27756"
        },
        {
          "name": "RHSA-2007:0966",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
        },
        {
          "name": "29074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29074"
        },
        {
          "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
        },
        {
          "name": "27548",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27548"
        },
        {
          "name": "RHSA-2007:1011",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
        },
        {
          "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
        },
        {
          "name": "27546",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27546"
        },
        {
          "name": "GLSA-200711-28",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
        },
        {
          "name": "ADV-2007-3724",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3724"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
        },
        {
          "name": "OpenPKG-SA-2007.023",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
        },
        {
          "name": "231524",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
        },
        {
          "name": "27531",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27531"
        },
        {
          "name": "APPLE-SA-2007-12-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
        },
        {
          "name": "27515",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27515"
        },
        {
          "name": "27570",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27570"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307179"
        },
        {
          "name": "27613",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27613"
        },
        {
          "name": "28368",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28368"
        },
        {
          "name": "SUSE-SR:2007:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
        },
        {
          "name": "1018985",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
        },
        {
          "name": "MDKSA-2007:207",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
        },
        {
          "name": "ADV-2007-4255",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4255"
        },
        {
          "name": "20071112 FLEA-2007-0069-1 perl",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
        },
        {
          "name": "perl-unicode-bo(38270)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
        },
        {
          "name": "31208",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31208"
        },
        {
          "name": "28387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28387"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
        },
        {
          "name": "ADV-2008-0064",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0064"
        },
        {
          "name": "28167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28167"
        },
        {
          "name": "26350",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26350"
        },
        {
          "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5116",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27479"
            },
            {
              "name": "DSA-1400",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1400"
            },
            {
              "name": "HPSBTU02311",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
            },
            {
              "name": "SSRT080001",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120352263023774\u0026w=2"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "IZ10244",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10244"
            },
            {
              "name": "27936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27936"
            },
            {
              "name": "20071110 FLEA-2007-0063-1 perl",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483563/100/0/threaded"
            },
            {
              "name": "28993",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28993"
            },
            {
              "name": "IZ10220",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IZ10220"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1813",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1813"
            },
            {
              "name": "31524",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-31524-1"
            },
            {
              "name": "USN-552-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-552-1"
            },
            {
              "name": "oval:org.mitre.oval:def:10669",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10669"
            },
            {
              "name": "1018899",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018899"
            },
            {
              "name": "ADV-2008-0641",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0641"
            },
            {
              "name": "27756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27756"
            },
            {
              "name": "RHSA-2007:0966",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0966.html"
            },
            {
              "name": "29074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29074"
            },
            {
              "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
            },
            {
              "name": "27548",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27548"
            },
            {
              "name": "RHSA-2007:1011",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-1011.html"
            },
            {
              "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=323571",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=323571"
            },
            {
              "name": "27546",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27546"
            },
            {
              "name": "GLSA-200711-28",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-28.xml"
            },
            {
              "name": "ADV-2007-3724",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3724"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-014.htm"
            },
            {
              "name": "OpenPKG-SA-2007.023",
              "refsource": "OPENPKG",
              "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.023.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=378131",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=378131"
            },
            {
              "name": "231524",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231524-1"
            },
            {
              "name": "27531",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27531"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "27515",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27515"
            },
            {
              "name": "27570",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27570"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "27613",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27613"
            },
            {
              "name": "28368",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28368"
            },
            {
              "name": "SUSE-SR:2007:024",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
            },
            {
              "name": "1018985",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018985.1-1"
            },
            {
              "name": "MDKSA-2007:207",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:207"
            },
            {
              "name": "ADV-2007-4255",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4255"
            },
            {
              "name": "20071112 FLEA-2007-0069-1 perl",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483584/100/0/threaded"
            },
            {
              "name": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41",
              "refsource": "CONFIRM",
              "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=41"
            },
            {
              "name": "perl-unicode-bo(38270)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38270"
            },
            {
              "name": "ftp://aix.software.ibm.com/aix/efixes/security/README",
              "refsource": "CONFIRM",
              "url": "ftp://aix.software.ibm.com/aix/efixes/security/README"
            },
            {
              "name": "31208",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31208"
            },
            {
              "name": "28387",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28387"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
            },
            {
              "name": "ADV-2008-0064",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0064"
            },
            {
              "name": "28167",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28167"
            },
            {
              "name": "26350",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26350"
            },
            {
              "name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5116",
    "datePublished": "2007-11-07T20:00:00",
    "dateReserved": "2007-09-27T00:00:00",
    "dateUpdated": "2024-08-07T15:17:28.328Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1030

Vulnerability from cvelistv5

Published

2002-06-25 04:00

Modified

2024-08-08 04:44

Severity ?

Summary

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

References

▼	URL	Tags
	http://www.securityfocus.com/archive/1/197727	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/6862	vdb-entry, x_refsource_XF
	http://www.redhat.com/support/errata/RHSA-2001-097.html	vendor-advisory, x_refsource_REDHAT
	http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01	vendor-advisory, x_refsource_IMMUNIX
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3	vendor-advisory, x_refsource_MANDRAKE
	http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt	vendor-advisory, x_refsource_CALDERA
	http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:44:06.644Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20010718 Squid httpd acceleration acl bug enables portscanning",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/197727"
          },
          {
            "name": "squid-http-accelerator-portscanning(6862)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862"
          },
          {
            "name": "RHSA-2001:097",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html"
          },
          {
            "name": "IMNX-2001-70-031-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_IMMUNIX",
              "x_transferred"
            ],
            "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01"
          },
          {
            "name": "MDKSA-2001:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3"
          },
          {
            "name": "CSSA-2001-029.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt"
          },
          {
            "name": "20010719 TSLSA-2001-0013 - Squid",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-07-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-02-06T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20010718 Squid httpd acceleration acl bug enables portscanning",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/197727"
        },
        {
          "name": "squid-http-accelerator-portscanning(6862)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862"
        },
        {
          "name": "RHSA-2001:097",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html"
        },
        {
          "name": "IMNX-2001-70-031-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_IMMUNIX"
          ],
          "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01"
        },
        {
          "name": "MDKSA-2001:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3"
        },
        {
          "name": "CSSA-2001-029.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt"
        },
        {
          "name": "20010719 TSLSA-2001-0013 - Squid",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1030",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20010718 Squid httpd acceleration acl bug enables portscanning",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/197727"
            },
            {
              "name": "squid-http-accelerator-portscanning(6862)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862"
            },
            {
              "name": "RHSA-2001:097",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html"
            },
            {
              "name": "IMNX-2001-70-031-01",
              "refsource": "IMMUNIX",
              "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01"
            },
            {
              "name": "MDKSA-2001:066",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3"
            },
            {
              "name": "CSSA-2001-029.0",
              "refsource": "CALDERA",
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt"
            },
            {
              "name": "20010719 TSLSA-2001-0013 - Squid",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1030",
    "datePublished": "2002-06-25T04:00:00",
    "dateReserved": "2002-01-31T00:00:00",
    "dateUpdated": "2024-08-08T04:44:06.644Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0003

Vulnerability from cvelistv5

Published

2005-01-20 05:00

Modified

2024-08-07 20:57

Severity ?

Summary

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

References

▼	URL	Tags
	http://secunia.com/advisories/20163	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-1082	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:022	vendor-advisory, x_refsource_MANDRAKE
	http://www.novell.com/linux/security/advisories/2005_18_kernel.html	vendor-advisory, x_refsource_SUSE
	http://www.redhat.com/support/errata/RHSA-2005-017.html	vendor-advisory, x_refsource_REDHAT
	http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw	x_refsource_CONFIRM
	http://www.debian.org/security/2006/dsa-1070	vendor-advisory, x_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/18886	vdb-entry, x_refsource_XF
	http://www.redhat.com/support/errata/RHSA-2005-043.html	vendor-advisory, x_refsource_REDHAT
	http://www.trustix.org/errata/2005/0001/	vendor-advisory, x_refsource_TRUSTIX
	http://www.securityfocus.com/bid/12261	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512	vdb-entry, signature, x_refsource_OVAL
	http://www.debian.org/security/2006/dsa-1067	vendor-advisory, x_refsource_DEBIAN
	http://www.debian.org/security/2006/dsa-1069	vendor-advisory, x_refsource_DEBIAN
	http://securitytracker.com/id?1012885	vdb-entry, x_refsource_SECTRACK
	http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg	x_refsource_MISC
	http://secunia.com/advisories/20202	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/20338	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.741Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20163",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20163"
          },
          {
            "name": "DSA-1082",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1082"
          },
          {
            "name": "MDKSA-2005:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
          },
          {
            "name": "SUSE-SA:2005:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
          },
          {
            "name": "RHSA-2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw"
          },
          {
            "name": "DSA-1070",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1070"
          },
          {
            "name": "linux-vma-gain-privileges(18886)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886"
          },
          {
            "name": "RHSA-2005:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
          },
          {
            "name": "2005-0001",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0001/"
          },
          {
            "name": "12261",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12261"
          },
          {
            "name": "oval:org.mitre.oval:def:9512",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512"
          },
          {
            "name": "DSA-1067",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1067"
          },
          {
            "name": "DSA-1069",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1069"
          },
          {
            "name": "1012885",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012885"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg"
          },
          {
            "name": "20202",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20202"
          },
          {
            "name": "20338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20338"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20163",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20163"
        },
        {
          "name": "DSA-1082",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1082"
        },
        {
          "name": "MDKSA-2005:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
        },
        {
          "name": "SUSE-SA:2005:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
        },
        {
          "name": "RHSA-2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw"
        },
        {
          "name": "DSA-1070",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1070"
        },
        {
          "name": "linux-vma-gain-privileges(18886)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886"
        },
        {
          "name": "RHSA-2005:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
        },
        {
          "name": "2005-0001",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0001/"
        },
        {
          "name": "12261",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12261"
        },
        {
          "name": "oval:org.mitre.oval:def:9512",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512"
        },
        {
          "name": "DSA-1067",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1067"
        },
        {
          "name": "DSA-1069",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1069"
        },
        {
          "name": "1012885",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012885"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://linux.bkbits.net:8080/linux-2.6/cset%4041a6721cce-LoPqkzKXudYby_3TUmg"
        },
        {
          "name": "20202",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20202"
        },
        {
          "name": "20338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20338"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0003",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20163",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20163"
            },
            {
              "name": "DSA-1082",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1082"
            },
            {
              "name": "MDKSA-2005:022",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
            },
            {
              "name": "SUSE-SA:2005:018",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
            },
            {
              "name": "RHSA-2005:017",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
            },
            {
              "name": "http://linux.bkbits.net:8080/linux-2.4/cset@41c36fb6q1Z68WUzKQFjJR-40Ev3tw",
              "refsource": "CONFIRM",
              "url": "http://linux.bkbits.net:8080/linux-2.4/cset@41c36fb6q1Z68WUzKQFjJR-40Ev3tw"
            },
            {
              "name": "DSA-1070",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1070"
            },
            {
              "name": "linux-vma-gain-privileges(18886)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18886"
            },
            {
              "name": "RHSA-2005:043",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
            },
            {
              "name": "2005-0001",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0001/"
            },
            {
              "name": "12261",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12261"
            },
            {
              "name": "oval:org.mitre.oval:def:9512",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9512"
            },
            {
              "name": "DSA-1067",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1067"
            },
            {
              "name": "DSA-1069",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1069"
            },
            {
              "name": "1012885",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012885"
            },
            {
              "name": "http://linux.bkbits.net:8080/linux-2.6/cset@41a6721cce-LoPqkzKXudYby_3TUmg",
              "refsource": "MISC",
              "url": "http://linux.bkbits.net:8080/linux-2.6/cset@41a6721cce-LoPqkzKXudYby_3TUmg"
            },
            {
              "name": "20202",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20202"
            },
            {
              "name": "20338",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20338"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0003",
    "datePublished": "2005-01-20T05:00:00",
    "dateReserved": "2005-01-03T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.741Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6284

Vulnerability from cvelistv5

Published

2008-01-12 02:00

Modified

2024-08-07 16:02

Severity ?

Summary

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

References

▼	URL	Tags
	http://secunia.com/advisories/28439	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200801-20.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/28466	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1033/references	vdb-entry, x_refsource_VUPEN
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1	vendor-advisory, x_refsource_SUNALERT
	http://www.debian.org/security/2008/dsa-1461	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/569-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.novell.com/linux/security/advisories/suse_security_summary_report.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/archive/1/490306/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/bid/27248	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/28444	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:010	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2008/0117	vdb-entry, x_refsource_VUPEN
	http://www.xmlsoft.org/news.html	x_refsource_CONFIRM
	http://secunia.com/advisories/28716	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28740	third-party-advisory, x_refsource_SECUNIA
	http://mail.gnome.org/archives/xml/2008-January/msg00036.html	mailing-list, x_refsource_MLIST
	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/28475	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/archive/1/486410/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/0144	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/28458	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29591	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/2094/references	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/28636	third-party-advisory, x_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm	x_refsource_CONFIRM
	https://issues.rpath.com/browse/RPL-2121	x_refsource_CONFIRM
	http://lists.vmware.com/pipermail/security-announce/2008/000009.html	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2008-0032.html	vendor-advisory, x_refsource_REDHAT
	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/28470	third-party-advisory, x_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1	vendor-advisory, x_refsource_SUNALERT
	http://secunia.com/advisories/28450	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/31074	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=425927	x_refsource_MISC
	http://bugs.gentoo.org/show_bug.cgi?id=202628	x_refsource_CONFIRM
	http://secunia.com/advisories/28452	third-party-advisory, x_refsource_SECUNIA
	http://securitytracker.com/id?1019181	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:02:36.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28439",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28439"
          },
          {
            "name": "GLSA-200801-20",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-20.xml"
          },
          {
            "name": "28466",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28466"
          },
          {
            "name": "ADV-2008-1033",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1033/references"
          },
          {
            "name": "103201",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1"
          },
          {
            "name": "DSA-1461",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1461"
          },
          {
            "name": "USN-569-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/569-1/"
          },
          {
            "name": "SUSE-SR:2008:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
          },
          {
            "name": "20080329 VMSA-2008-0006 Updated libxml2 service console package",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490306/100/0/threaded"
          },
          {
            "name": "oval:org.mitre.oval:def:5216",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216"
          },
          {
            "name": "27248",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27248"
          },
          {
            "name": "28444",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28444"
          },
          {
            "name": "MDVSA-2008:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:010"
          },
          {
            "name": "ADV-2008-0117",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0117"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.xmlsoft.org/news.html"
          },
          {
            "name": "28716",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28716"
          },
          {
            "name": "28740",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28740"
          },
          {
            "name": "[xml] 20080111 Security flaw affecting all previous libxml2 releases",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.gnome.org/archives/xml/2008-January/msg00036.html"
          },
          {
            "name": "FEDORA-2008-0462",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html"
          },
          {
            "name": "28475",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28475"
          },
          {
            "name": "oval:org.mitre.oval:def:11594",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594"
          },
          {
            "name": "20080115 rPSA-2008-0017-1 libxml2",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486410/100/0/threaded"
          },
          {
            "name": "APPLE-SA-2008-07-11",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm"
          },
          {
            "name": "ADV-2008-0144",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0144"
          },
          {
            "name": "28458",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28458"
          },
          {
            "name": "29591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29591"
          },
          {
            "name": "ADV-2008-2094",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2094/references"
          },
          {
            "name": "28636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28636"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-2121"
          },
          {
            "name": "[Security-announce] 20080328 VMSA-2008-0006 Updated libxml2 service console package",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000009.html"
          },
          {
            "name": "RHSA-2008:0032",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0032.html"
          },
          {
            "name": "FEDORA-2008-0477",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html"
          },
          {
            "name": "28470",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28470"
          },
          {
            "name": "201514",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1"
          },
          {
            "name": "28450",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28450"
          },
          {
            "name": "31074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31074"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=202628"
          },
          {
            "name": "28452",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28452"
          },
          {
            "name": "1019181",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019181"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "28439",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28439"
        },
        {
          "name": "GLSA-200801-20",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-20.xml"
        },
        {
          "name": "28466",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28466"
        },
        {
          "name": "ADV-2008-1033",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1033/references"
        },
        {
          "name": "103201",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1"
        },
        {
          "name": "DSA-1461",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1461"
        },
        {
          "name": "USN-569-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/569-1/"
        },
        {
          "name": "SUSE-SR:2008:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
        },
        {
          "name": "20080329 VMSA-2008-0006 Updated libxml2 service console package",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490306/100/0/threaded"
        },
        {
          "name": "oval:org.mitre.oval:def:5216",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5216"
        },
        {
          "name": "27248",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27248"
        },
        {
          "name": "28444",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28444"
        },
        {
          "name": "MDVSA-2008:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:010"
        },
        {
          "name": "ADV-2008-0117",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0117"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.xmlsoft.org/news.html"
        },
        {
          "name": "28716",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28716"
        },
        {
          "name": "28740",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28740"
        },
        {
          "name": "[xml] 20080111 Security flaw affecting all previous libxml2 releases",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.gnome.org/archives/xml/2008-January/msg00036.html"
        },
        {
          "name": "FEDORA-2008-0462",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html"
        },
        {
          "name": "28475",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28475"
        },
        {
          "name": "oval:org.mitre.oval:def:11594",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11594"
        },
        {
          "name": "20080115 rPSA-2008-0017-1 libxml2",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486410/100/0/threaded"
        },
        {
          "name": "APPLE-SA-2008-07-11",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-047.htm"
        },
        {
          "name": "ADV-2008-0144",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0144"
        },
        {
          "name": "28458",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28458"
        },
        {
          "name": "29591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29591"
        },
        {
          "name": "ADV-2008-2094",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2094/references"
        },
        {
          "name": "28636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28636"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-050.htm"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-2121"
        },
        {
          "name": "[Security-announce] 20080328 VMSA-2008-0006 Updated libxml2 service console package",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2008/000009.html"
        },
        {
          "name": "RHSA-2008:0032",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0032.html"
        },
        {
          "name": "FEDORA-2008-0477",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html"
        },
        {
          "name": "28470",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28470"
        },
        {
          "name": "201514",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201514-1"
        },
        {
          "name": "28450",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28450"
        },
        {
          "name": "31074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31074"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=202628"
        },
        {
          "name": "28452",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28452"
        },
        {
          "name": "1019181",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019181"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-6284",
    "datePublished": "2008-01-12T02:00:00",
    "dateReserved": "2007-12-10T00:00:00",
    "dateUpdated": "2024-08-07T16:02:36.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0462

Vulnerability from cvelistv5

Published

2003-07-25 04:00

Modified

2024-08-08 01:58

Severity ?

Summary

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2003-238.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2004/dsa-423	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2003-198.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2003-239.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309	vdb-entry, signature, x_refsource_OVAL
	http://www.debian.org/security/2004/dsa-358	vendor-advisory, x_refsource_DEBIAN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:58:09.649Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2003:238",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
          },
          {
            "name": "DSA-423",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-423"
          },
          {
            "name": "RHSA-2003:198",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html"
          },
          {
            "name": "RHSA-2003:239",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html"
          },
          {
            "name": "oval:org.mitre.oval:def:309",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309"
          },
          {
            "name": "DSA-358",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-358"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-07-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2003:238",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
        },
        {
          "name": "DSA-423",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-423"
        },
        {
          "name": "RHSA-2003:198",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html"
        },
        {
          "name": "RHSA-2003:239",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html"
        },
        {
          "name": "oval:org.mitre.oval:def:309",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309"
        },
        {
          "name": "DSA-358",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-358"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0462",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2003:238",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
            },
            {
              "name": "DSA-423",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-423"
            },
            {
              "name": "RHSA-2003:198",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html"
            },
            {
              "name": "RHSA-2003:239",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html"
            },
            {
              "name": "oval:org.mitre.oval:def:309",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A309"
            },
            {
              "name": "DSA-358",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-358"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0462",
    "datePublished": "2003-07-25T04:00:00",
    "dateReserved": "2003-06-26T00:00:00",
    "dateUpdated": "2024-08-08T01:58:09.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-0083

Vulnerability from cvelistv5

Published

2002-06-25 04:00

Modified

2024-08-08 02:35

Severity ?

Summary

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

References

▼	URL	Tags
	http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html	mailing-list, x_refsource_BUGTRAQ
	ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt	vendor-advisory, x_refsource_CALDERA
	http://www.osvdb.org/730	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/4241	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=101561384821761&w=2	mailing-list, x_refsource_BUGTRAQ
	ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt	vendor-advisory, x_refsource_CALDERA
	http://online.securityfocus.com/advisories/3960	vendor-advisory, x_refsource_HP
	http://www.debian.org/security/2002/dsa-119	vendor-advisory, x_refsource_DEBIAN
	http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html	vendor-advisory, x_refsource_SUSE
	http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt	vendor-advisory, x_refsource_CALDERA
	http://marc.info/?l=bugtraq&m=101586991827622&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.linuxsecurity.com/advisories/other_advisory-1937.html	vendor-advisory, x_refsource_ENGARDE
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467	vendor-advisory, x_refsource_CONECTIVA
	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc	vendor-advisory, x_refsource_NETBSD
	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc	vendor-advisory, x_refsource_FREEBSD
	http://marc.info/?l=bugtraq&m=101553908201861&w=2	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=101552065005254&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2002-043.html	vendor-advisory, x_refsource_REDHAT
	http://www.iss.net/security_center/static/8383.php	vdb-entry, x_refsource_XF
	http://www.openbsd.org/advisories/ssh_channelalloc.txt	x_refsource_CONFIRM
	http://online.securityfocus.com/archive/1/264657	mailing-list, x_refsource_BUGTRAQ
	http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html	mailing-list, x_refsource_VULNWATCH

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:35:17.574Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20020311 TSLSA-2002-0039 - openssh",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
          },
          {
            "name": "CSSA-2002-SCO.10",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
          },
          {
            "name": "730",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/730"
          },
          {
            "name": "4241",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4241"
          },
          {
            "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
          },
          {
            "name": "CSSA-2002-SCO.11",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
          },
          {
            "name": "HPSBTL0203-029",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/advisories/3960"
          },
          {
            "name": "DSA-119",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2002/dsa-119"
          },
          {
            "name": "SuSE-SA:2002:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
          },
          {
            "name": "CSSA-2002-012.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
          },
          {
            "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
          },
          {
            "name": "ESA-20020307-007",
            "tags": [
              "vendor-advisory",
              "x_refsource_ENGARDE",
              "x_transferred"
            ],
            "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
          },
          {
            "name": "CLA-2002:467",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
          },
          {
            "name": "NetBSD-SA2002-004",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
          },
          {
            "name": "FreeBSD-SA-02:13",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
          },
          {
            "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
          },
          {
            "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
          },
          {
            "name": "MDKSA-2002:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
          },
          {
            "name": "RHSA-2002:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
          },
          {
            "name": "openssh-channel-error(8383)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/8383.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
          },
          {
            "name": "20020328 OpenSSH channel_lookup() off by one exploit",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/archive/1/264657"
          },
          {
            "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-03-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-06-16T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20020311 TSLSA-2002-0039 - openssh",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
        },
        {
          "name": "CSSA-2002-SCO.10",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
        },
        {
          "name": "730",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/730"
        },
        {
          "name": "4241",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4241"
        },
        {
          "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
        },
        {
          "name": "CSSA-2002-SCO.11",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
        },
        {
          "name": "HPSBTL0203-029",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://online.securityfocus.com/advisories/3960"
        },
        {
          "name": "DSA-119",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2002/dsa-119"
        },
        {
          "name": "SuSE-SA:2002:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
        },
        {
          "name": "CSSA-2002-012.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
        },
        {
          "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
        },
        {
          "name": "ESA-20020307-007",
          "tags": [
            "vendor-advisory",
            "x_refsource_ENGARDE"
          ],
          "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
        },
        {
          "name": "CLA-2002:467",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
        },
        {
          "name": "NetBSD-SA2002-004",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
        },
        {
          "name": "FreeBSD-SA-02:13",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
        },
        {
          "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
        },
        {
          "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
        },
        {
          "name": "MDKSA-2002:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
        },
        {
          "name": "RHSA-2002:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
        },
        {
          "name": "openssh-channel-error(8383)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/8383.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
        },
        {
          "name": "20020328 OpenSSH channel_lookup() off by one exploit",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://online.securityfocus.com/archive/1/264657"
        },
        {
          "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0083",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20020311 TSLSA-2002-0039 - openssh",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
            },
            {
              "name": "CSSA-2002-SCO.10",
              "refsource": "CALDERA",
              "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt"
            },
            {
              "name": "730",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/730"
            },
            {
              "name": "4241",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4241"
            },
            {
              "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
            },
            {
              "name": "CSSA-2002-SCO.11",
              "refsource": "CALDERA",
              "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt"
            },
            {
              "name": "HPSBTL0203-029",
              "refsource": "HP",
              "url": "http://online.securityfocus.com/advisories/3960"
            },
            {
              "name": "DSA-119",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2002/dsa-119"
            },
            {
              "name": "SuSE-SA:2002:009",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
            },
            {
              "name": "CSSA-2002-012.0",
              "refsource": "CALDERA",
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt"
            },
            {
              "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
            },
            {
              "name": "ESA-20020307-007",
              "refsource": "ENGARDE",
              "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
            },
            {
              "name": "CLA-2002:467",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
            },
            {
              "name": "NetBSD-SA2002-004",
              "refsource": "NETBSD",
              "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc"
            },
            {
              "name": "FreeBSD-SA-02:13",
              "refsource": "FREEBSD",
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
            },
            {
              "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
            },
            {
              "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
            },
            {
              "name": "MDKSA-2002:019",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php"
            },
            {
              "name": "RHSA-2002:043",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html"
            },
            {
              "name": "openssh-channel-error(8383)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/8383.php"
            },
            {
              "name": "http://www.openbsd.org/advisories/ssh_channelalloc.txt",
              "refsource": "CONFIRM",
              "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
            },
            {
              "name": "20020328 OpenSSH channel_lookup() off by one exploit",
              "refsource": "BUGTRAQ",
              "url": "http://online.securityfocus.com/archive/1/264657"
            },
            {
              "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0083",
    "datePublished": "2002-06-25T04:00:00",
    "dateReserved": "2002-03-06T00:00:00",
    "dateUpdated": "2024-08-08T02:35:17.574Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-2392

Vulnerability from cvelistv5

Published

2005-08-17 04:00

Modified

2024-08-08 01:22

Severity ?

Summary

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/10368	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16188	vdb-entry, x_refsource_XF
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:044	vendor-advisory, x_refsource_MANDRAKE
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2005-770.html	vendor-advisory, x_refsource_REDHAT
	http://securitytracker.com/id?1010187	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:22:13.810Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10368",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10368"
          },
          {
            "name": "libuser-dos(16188)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16188"
          },
          {
            "name": "MDKSA-2004:044",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:044"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168"
          },
          {
            "name": "RHSA-2005:770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-770.html"
          },
          {
            "name": "1010187",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1010187"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-05-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10368",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10368"
        },
        {
          "name": "libuser-dos(16188)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16188"
        },
        {
          "name": "MDKSA-2004:044",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:044"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168"
        },
        {
          "name": "RHSA-2005:770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-770.html"
        },
        {
          "name": "1010187",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1010187"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2392",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10368",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10368"
            },
            {
              "name": "libuser-dos(16188)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16188"
            },
            {
              "name": "MDKSA-2004:044",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:044"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120168"
            },
            {
              "name": "RHSA-2005:770",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-770.html"
            },
            {
              "name": "1010187",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1010187"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2392",
    "datePublished": "2005-08-17T04:00:00",
    "dateReserved": "2005-08-17T00:00:00",
    "dateUpdated": "2024-08-08T01:22:13.810Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-2377

Vulnerability from cvelistv5

Published

2005-07-26 04:00

Modified

2024-08-07 22:22

Severity ?

Summary

nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/40501	vdb-entry, x_refsource_XF
	http://qa.mandriva.com/show_bug.cgi?id=13271	x_refsource_MISC
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:121	vendor-advisory, x_refsource_MANDRAKE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:22:49.058Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "nssldap-sigpipe-dos(40501)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40501"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://qa.mandriva.com/show_bug.cgi?id=13271"
          },
          {
            "name": "MDKSA-2005:121",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:121"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-07-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable.  NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "nssldap-sigpipe-dos(40501)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40501"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://qa.mandriva.com/show_bug.cgi?id=13271"
        },
        {
          "name": "MDKSA-2005:121",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:121"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2377",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable.  NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "nssldap-sigpipe-dos(40501)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40501"
            },
            {
              "name": "http://qa.mandriva.com/show_bug.cgi?id=13271",
              "refsource": "MISC",
              "url": "http://qa.mandriva.com/show_bug.cgi?id=13271"
            },
            {
              "name": "MDKSA-2005:121",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:121"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2377",
    "datePublished": "2005-07-26T04:00:00",
    "dateReserved": "2005-07-26T00:00:00",
    "dateUpdated": "2024-08-07T22:22:49.058Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0279

Vulnerability from cvelistv5

Published

2001-05-07 04:00

Modified

2024-08-08 04:14

Severity ?

Summary

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2001-018.html	vendor-advisory, x_refsource_REDHAT
	http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html	mailing-list, x_refsource_BUGTRAQ
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3	vendor-advisory, x_refsource_MANDRAKE
	http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html	mailing-list, x_refsource_BUGTRAQ
	http://www.debian.org/security/2001/dsa-031	vendor-advisory, x_refsource_DEBIAN
	http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html	mailing-list, x_refsource_BUGTRAQ
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000381	vendor-advisory, x_refsource_CONECTIVA
	http://www.redhat.com/support/errata/RHSA-2001-019.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:14:07.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2001:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-018.html"
          },
          {
            "name": "20010222 Sudo version 1.6.3p6 now available (fwd)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html"
          },
          {
            "name": "MDKSA-2001:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3"
          },
          {
            "name": "20010225 [slackware-security] buffer overflow in sudo fixed",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html"
          },
          {
            "name": "DSA-031",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2001/dsa-031"
          },
          {
            "name": "20010226 Trustix Security Advisory - sudo",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html"
          },
          {
            "name": "CLA-2001:381",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000381"
          },
          {
            "name": "RHSA-2001:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-019.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-02-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2001:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-018.html"
        },
        {
          "name": "20010222 Sudo version 1.6.3p6 now available (fwd)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html"
        },
        {
          "name": "MDKSA-2001:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3"
        },
        {
          "name": "20010225 [slackware-security] buffer overflow in sudo fixed",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html"
        },
        {
          "name": "DSA-031",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2001/dsa-031"
        },
        {
          "name": "20010226 Trustix Security Advisory - sudo",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html"
        },
        {
          "name": "CLA-2001:381",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000381"
        },
        {
          "name": "RHSA-2001:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-019.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0279",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2001:018",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-018.html"
            },
            {
              "name": "20010222 Sudo version 1.6.3p6 now available (fwd)",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html"
            },
            {
              "name": "MDKSA-2001:024",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3"
            },
            {
              "name": "20010225 [slackware-security] buffer overflow in sudo fixed",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html"
            },
            {
              "name": "DSA-031",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2001/dsa-031"
            },
            {
              "name": "20010226 Trustix Security Advisory - sudo",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html"
            },
            {
              "name": "CLA-2001:381",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000381"
            },
            {
              "name": "RHSA-2001:019",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-019.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0279",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2001-04-04T00:00:00",
    "dateUpdated": "2024-08-08T04:14:07.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1014

Vulnerability from cvelistv5

Published

2004-12-08 05:00

Modified

2024-08-08 00:38

Severity ?

Summary

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

References

▼	URL	Tags
	http://www.debian.org/security/2004/dsa-606	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2005-014.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2004-583.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/11785	vdb-entry, x_refsource_BID
	http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258&view=markup	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/426072/30/6740/threaded	vendor-advisory, x_refsource_FEDORA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899	vdb-entry, signature, x_refsource_OVAL
	https://www.ubuntu.com/usn/usn-36-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.trustix.org/errata/2004/0065/	vendor-advisory, x_refsource_TRUSTIX
	https://exchange.xforce.ibmcloud.com/vulnerabilities/18332	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:38:59.824Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-606",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-606"
          },
          {
            "name": "RHSA-2005:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-014.html"
          },
          {
            "name": "RHSA-2004:583",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-583.html"
          },
          {
            "name": "11785",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11785"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258\u0026view=markup"
          },
          {
            "name": "FLSA-2006:138098",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426072/30/6740/threaded"
          },
          {
            "name": "oval:org.mitre.oval:def:10899",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899"
          },
          {
            "name": "USN-36-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/usn-36-1/"
          },
          {
            "name": "2004-0065",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2004/0065/"
          },
          {
            "name": "nfs-utils-statd-dos(18332)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18332"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-12-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-606",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-606"
        },
        {
          "name": "RHSA-2005:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-014.html"
        },
        {
          "name": "RHSA-2004:583",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-583.html"
        },
        {
          "name": "11785",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11785"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258\u0026view=markup"
        },
        {
          "name": "FLSA-2006:138098",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/426072/30/6740/threaded"
        },
        {
          "name": "oval:org.mitre.oval:def:10899",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899"
        },
        {
          "name": "USN-36-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/usn-36-1/"
        },
        {
          "name": "2004-0065",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2004/0065/"
        },
        {
          "name": "nfs-utils-statd-dos(18332)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18332"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1014",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-606",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-606"
            },
            {
              "name": "RHSA-2005:014",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-014.html"
            },
            {
              "name": "RHSA-2004:583",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-583.html"
            },
            {
              "name": "11785",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11785"
            },
            {
              "name": "http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258\u0026view=markup",
              "refsource": "CONFIRM",
              "url": "http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258\u0026view=markup"
            },
            {
              "name": "FLSA-2006:138098",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/archive/1/426072/30/6740/threaded"
            },
            {
              "name": "oval:org.mitre.oval:def:10899",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10899"
            },
            {
              "name": "USN-36-1",
              "refsource": "UBUNTU",
              "url": "https://www.ubuntu.com/usn/usn-36-1/"
            },
            {
              "name": "2004-0065",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2004/0065/"
            },
            {
              "name": "nfs-utils-statd-dos(18332)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18332"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1014",
    "datePublished": "2004-12-08T05:00:00",
    "dateReserved": "2004-11-04T00:00:00",
    "dateUpdated": "2024-08-08T00:38:59.824Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0496

Vulnerability from cvelistv5

Published

2004-07-06 04:00

Modified

2024-08-08 00:17

Severity ?

Summary

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16625	vdb-entry, x_refsource_XF
	http://www.novell.com/linux/security/advisories/2004_20_kernel.html	vendor-advisory, x_refsource_SUSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:17:15.052Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "linux-gain-privileges(16625)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16625"
          },
          {
            "name": "SUSE-SA:2004:020",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-07-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "linux-gain-privileges(16625)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16625"
        },
        {
          "name": "SUSE-SA:2004:020",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0496",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "linux-gain-privileges(16625)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16625"
            },
            {
              "name": "SUSE-SA:2004:020",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0496",
    "datePublished": "2004-07-06T04:00:00",
    "dateReserved": "2004-05-27T00:00:00",
    "dateUpdated": "2024-08-08T00:17:15.052Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0983

Vulnerability from cvelistv5

Published

2004-11-19 05:00

Modified

2024-08-08 00:38

Severity ?

Summary

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2004-635.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:128	vendor-advisory, x_refsource_MANDRAKE
	http://www.securityfocus.com/bid/11618	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268	vdb-entry, signature, x_refsource_OVAL
	https://usn.ubuntu.com/20-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2004/dsa-586	vendor-advisory, x_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17985	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:38:59.645Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2004:635",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-635.html"
          },
          {
            "name": "MDKSA-2004:128",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:128"
          },
          {
            "name": "11618",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11618"
          },
          {
            "name": "oval:org.mitre.oval:def:10268",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268"
          },
          {
            "name": "USN-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/20-1/"
          },
          {
            "name": "DSA-586",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-586"
          },
          {
            "name": "ruby-cgi-dos(17985)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17985"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-11-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2004:635",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-635.html"
        },
        {
          "name": "MDKSA-2004:128",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:128"
        },
        {
          "name": "11618",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11618"
        },
        {
          "name": "oval:org.mitre.oval:def:10268",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268"
        },
        {
          "name": "USN-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/20-1/"
        },
        {
          "name": "DSA-586",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-586"
        },
        {
          "name": "ruby-cgi-dos(17985)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17985"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0983",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2004:635",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-635.html"
            },
            {
              "name": "MDKSA-2004:128",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:128"
            },
            {
              "name": "11618",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11618"
            },
            {
              "name": "oval:org.mitre.oval:def:10268",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10268"
            },
            {
              "name": "USN-20-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/20-1/"
            },
            {
              "name": "DSA-586",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-586"
            },
            {
              "name": "ruby-cgi-dos(17985)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17985"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0983",
    "datePublished": "2004-11-19T05:00:00",
    "dateReserved": "2004-10-24T00:00:00",
    "dateUpdated": "2024-08-08T00:38:59.645Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0535

Vulnerability from cvelistv5

Published

2004-06-08 04:00

Modified

2024-08-08 00:24

Severity ?

Summary

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/10352	vdb-entry, x_refsource_BID
	http://www.redhat.com/support/errata/RHSA-2004-413.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2004-418.html	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log	x_refsource_CONFIRM
	http://lwn.net/Articles/91155/	vendor-advisory, x_refsource_FEDORA
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845	vendor-advisory, x_refsource_CONECTIVA
	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:062	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16159	vdb-entry, x_refsource_XF
	ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc	vendor-advisory, x_refsource_SGI
	http://security.gentoo.org/glsa/glsa-200407-02.xml	vendor-advisory, x_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136	vdb-entry, signature, x_refsource_OVAL
	http://www.novell.com/linux/security/advisories/2004_20_kernel.html	vendor-advisory, x_refsource_SUSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:26.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10352",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10352"
          },
          {
            "name": "RHSA-2004:413",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
          },
          {
            "name": "RHSA-2004:418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
          },
          {
            "name": "FEDORA-2004-186",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lwn.net/Articles/91155/"
          },
          {
            "name": "CLA-2004:845",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
          },
          {
            "name": "MDKSA-2004:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
          },
          {
            "name": "linux-e1000-bo(16159)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
          },
          {
            "name": "20040804-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
          },
          {
            "name": "GLSA-200407-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:11136",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
          },
          {
            "name": "SUSE-SA:2004:020",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-05-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory.  NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10352",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10352"
        },
        {
          "name": "RHSA-2004:413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
        },
        {
          "name": "RHSA-2004:418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
        },
        {
          "name": "FEDORA-2004-186",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lwn.net/Articles/91155/"
        },
        {
          "name": "CLA-2004:845",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
        },
        {
          "name": "MDKSA-2004:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
        },
        {
          "name": "linux-e1000-bo(16159)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
        },
        {
          "name": "20040804-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
        },
        {
          "name": "GLSA-200407-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:11136",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
        },
        {
          "name": "SUSE-SA:2004:020",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory.  NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10352",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10352"
            },
            {
              "name": "RHSA-2004:413",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
            },
            {
              "name": "RHSA-2004:418",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log"
            },
            {
              "name": "FEDORA-2004-186",
              "refsource": "FEDORA",
              "url": "http://lwn.net/Articles/91155/"
            },
            {
              "name": "CLA-2004:845",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168"
            },
            {
              "name": "MDKSA-2004:062",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:062"
            },
            {
              "name": "linux-e1000-bo(16159)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159"
            },
            {
              "name": "20040804-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
            },
            {
              "name": "GLSA-200407-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:11136",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11136"
            },
            {
              "name": "SUSE-SA:2004:020",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0535",
    "datePublished": "2004-06-08T04:00:00",
    "dateReserved": "2004-06-04T00:00:00",
    "dateUpdated": "2024-08-08T00:24:26.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1307

Vulnerability from cvelistv5

Published

2005-05-04 04:00

Modified

2024-08-08 00:46

Severity ?

Summary

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

References

▼	URL	Tags
	http://www.us-cert.gov/cas/techalerts/TA05-136A.html	third-party-advisory, x_refsource_CERT
	http://www.kb.cert.org/vuls/id/539110	third-party-advisory, x_refsource_CERT-VN
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1	vendor-advisory, x_refsource_SUNALERT
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1	vendor-advisory, x_refsource_SUNALERT
	http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true	third-party-advisory, x_refsource_IDEFENSE
	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html	vendor-advisory, x_refsource_APPLE
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175	vdb-entry, signature, x_refsource_OVAL

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:12.284Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "TA05-136A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html"
          },
          {
            "name": "VU#539110",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/539110"
          },
          {
            "name": "201072",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
          },
          {
            "name": "101677",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
          },
          {
            "name": "20041221 libtiff STRIPOFFSETS Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "name": "APPLE-SA-2005-05-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11175",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-12-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "TA05-136A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html"
        },
        {
          "name": "VU#539110",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/539110"
        },
        {
          "name": "201072",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
        },
        {
          "name": "101677",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
        },
        {
          "name": "20041221 libtiff STRIPOFFSETS Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true"
        },
        {
          "name": "APPLE-SA-2005-05-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11175",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1307",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "TA05-136A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html"
            },
            {
              "name": "VU#539110",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/539110"
            },
            {
              "name": "201072",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1"
            },
            {
              "name": "101677",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1"
            },
            {
              "name": "20041221 libtiff STRIPOFFSETS Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true"
            },
            {
              "name": "APPLE-SA-2005-05-03",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11175",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1307",
    "datePublished": "2005-05-04T04:00:00",
    "dateReserved": "2004-12-21T00:00:00",
    "dateUpdated": "2024-08-08T00:46:12.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0565

Vulnerability from cvelistv5

Published

2004-07-08 04:00

Modified

2024-08-08 00:24

Severity ?

Summary

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

References

▼	URL	Tags
	http://secunia.com/advisories/20163	third-party-advisory, x_refsource_SECUNIA
	http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html	mailing-list, x_refsource_MLIST
	http://www.debian.org/security/2006/dsa-1082	vendor-advisory, x_refsource_DEBIAN
	http://www.debian.org/security/2006/dsa-1070	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/20162	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714	vdb-entry, signature, x_refsource_OVAL
	http://www.debian.org/security/2006/dsa-1067	vendor-advisory, x_refsource_DEBIAN
	http://www.debian.org/security/2006/dsa-1069	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/10687	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734	x_refsource_MISC
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:066	vendor-advisory, x_refsource_MANDRAKE
	http://secunia.com/advisories/20202	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2004-504.html	vendor-advisory, x_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16644	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/20338	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:25.856Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20163",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20163"
          },
          {
            "name": "[owl-users] 20040619 Linux 2.4.26-ow2",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html"
          },
          {
            "name": "DSA-1082",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1082"
          },
          {
            "name": "DSA-1070",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1070"
          },
          {
            "name": "20162",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20162"
          },
          {
            "name": "oval:org.mitre.oval:def:10714",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714"
          },
          {
            "name": "DSA-1067",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1067"
          },
          {
            "name": "DSA-1069",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1069"
          },
          {
            "name": "10687",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10687"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734"
          },
          {
            "name": "MDKSA-2004:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:066"
          },
          {
            "name": "20202",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20202"
          },
          {
            "name": "RHSA-2004:504",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
          },
          {
            "name": "linux-ia64-info-disclosure(16644)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16644"
          },
          {
            "name": "20338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20338"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-05-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20163",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20163"
        },
        {
          "name": "[owl-users] 20040619 Linux 2.4.26-ow2",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html"
        },
        {
          "name": "DSA-1082",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1082"
        },
        {
          "name": "DSA-1070",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1070"
        },
        {
          "name": "20162",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20162"
        },
        {
          "name": "oval:org.mitre.oval:def:10714",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714"
        },
        {
          "name": "DSA-1067",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1067"
        },
        {
          "name": "DSA-1069",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1069"
        },
        {
          "name": "10687",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10687"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734"
        },
        {
          "name": "MDKSA-2004:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:066"
        },
        {
          "name": "20202",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20202"
        },
        {
          "name": "RHSA-2004:504",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
        },
        {
          "name": "linux-ia64-info-disclosure(16644)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16644"
        },
        {
          "name": "20338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20338"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0565",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20163",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20163"
            },
            {
              "name": "[owl-users] 20040619 Linux 2.4.26-ow2",
              "refsource": "MLIST",
              "url": "http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html"
            },
            {
              "name": "DSA-1082",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1082"
            },
            {
              "name": "DSA-1070",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1070"
            },
            {
              "name": "20162",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20162"
            },
            {
              "name": "oval:org.mitre.oval:def:10714",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10714"
            },
            {
              "name": "DSA-1067",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1067"
            },
            {
              "name": "DSA-1069",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1069"
            },
            {
              "name": "10687",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10687"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=124734"
            },
            {
              "name": "MDKSA-2004:066",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:066"
            },
            {
              "name": "20202",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20202"
            },
            {
              "name": "RHSA-2004:504",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-504.html"
            },
            {
              "name": "linux-ia64-info-disclosure(16644)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16644"
            },
            {
              "name": "20338",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20338"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0565",
    "datePublished": "2004-07-08T04:00:00",
    "dateReserved": "2004-06-15T00:00:00",
    "dateUpdated": "2024-08-08T00:24:25.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0834

Vulnerability from cvelistv5

Published

2004-10-20 04:00

Modified

2024-08-08 00:31

Severity ?

Summary

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

References

▼	URL	Tags
	http://speedtouch.sourceforge.net/index.php?/news.en.html	x_refsource_CONFIRM
	http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17792	vdb-entry, x_refsource_XF
	http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://speedtouch.sourceforge.net/index.php?/news.en.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html"
          },
          {
            "name": "speedtouch-format-string(17792)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17792"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/showfiles.php?group_id=32758\u0026package_id=28264\u0026release_id=271734"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://speedtouch.sourceforge.net/index.php?/news.en.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.mail-archive.com/speedtouch%40ml.free.fr/msg06688.html"
        },
        {
          "name": "speedtouch-format-string(17792)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17792"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/showfiles.php?group_id=32758\u0026package_id=28264\u0026release_id=271734"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0834",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://speedtouch.sourceforge.net/index.php?/news.en.html",
              "refsource": "CONFIRM",
              "url": "http://speedtouch.sourceforge.net/index.php?/news.en.html"
            },
            {
              "name": "http://www.mail-archive.com/speedtouch@ml.free.fr/msg06688.html",
              "refsource": "MISC",
              "url": "http://www.mail-archive.com/speedtouch@ml.free.fr/msg06688.html"
            },
            {
              "name": "speedtouch-format-string(17792)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17792"
            },
            {
              "name": "http://sourceforge.net/project/showfiles.php?group_id=32758\u0026package_id=28264\u0026release_id=271734",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/project/showfiles.php?group_id=32758\u0026package_id=28264\u0026release_id=271734"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0834",
    "datePublished": "2004-10-20T04:00:00",
    "dateReserved": "2004-09-08T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1352

Vulnerability from cvelistv5

Published

2007-04-06 01:00

Modified

2024-08-07 12:50

Severity ?

Summary

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

References

▼	URL	Tags
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502	third-party-advisory, x_refsource_IDEFENSE
	http://secunia.com/advisories/24745	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/33937	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24771	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24770	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25006	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24756	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/23283	vdb-entry, x_refsource_BID
	http://www.redhat.com/support/errata/RHSA-2007-0126.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/23300	vdb-entry, x_refsource_BID
	http://support.apple.com/kb/HT3438	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-200705-10.xml	vendor-advisory, x_refsource_GENTOO
	http://www.ubuntu.com/usn/usn-448-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:080	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/24758	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1017857	vdb-entry, x_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243	vdb-entry, signature, x_refsource_OVAL
	http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm	x_refsource_CONFIRM
	http://secunia.com/advisories/25195	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0125.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24741	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/24791	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2007_27_x.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2007/dsa-1294	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/24765	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25216	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/33419	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/archive/1/464686/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/464816/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/1548	vdb-entry, x_refsource_VUPEN
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1	vendor-advisory, x_refsource_SUNALERT
	http://www.vupen.com/english/advisories/2007/1217	vdb-entry, x_refsource_VUPEN
	http://www.openbsd.org/errata40.html#011_xorg	vendor-advisory, x_refsource_OPENBSD
	https://issues.rpath.com/browse/RPL-1213	x_refsource_CONFIRM
	http://secunia.com/advisories/25004	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25305	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-0132.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24772	third-party-advisory, x_refsource_SECUNIA
	http://www.openbsd.org/errata39.html#021_xorg	vendor-advisory, x_refsource_OPENBSD
	http://issues.foresightlinux.org/browse/FL-223	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:079	vendor-advisory, x_refsource_MANDRIVA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:50:35.267Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
          },
          {
            "name": "24745",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24745"
          },
          {
            "name": "oval:org.mitre.oval:def:10523",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
          },
          {
            "name": "33937",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33937"
          },
          {
            "name": "24771",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24771"
          },
          {
            "name": "24770",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24770"
          },
          {
            "name": "25006",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25006"
          },
          {
            "name": "24756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24756"
          },
          {
            "name": "23283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23283"
          },
          {
            "name": "RHSA-2007:0126",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
          },
          {
            "name": "23300",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23300"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3438"
          },
          {
            "name": "GLSA-200705-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
          },
          {
            "name": "USN-448-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-448-1"
          },
          {
            "name": "APPLE-SA-2009-02-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
          },
          {
            "name": "MDKSA-2007:080",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
          },
          {
            "name": "24758",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24758"
          },
          {
            "name": "1017857",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017857"
          },
          {
            "name": "oval:org.mitre.oval:def:13243",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
          },
          {
            "name": "25195",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25195"
          },
          {
            "name": "RHSA-2007:0125",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
          },
          {
            "name": "24741",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24741"
          },
          {
            "name": "APPLE-SA-2007-11-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
          },
          {
            "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
          },
          {
            "name": "24791",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24791"
          },
          {
            "name": "SUSE-SA:2007:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
          },
          {
            "name": "DSA-1294",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1294"
          },
          {
            "name": "24765",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24765"
          },
          {
            "name": "25216",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25216"
          },
          {
            "name": "xorg-fontsdir-bo(33419)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
          },
          {
            "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
          },
          {
            "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
          },
          {
            "name": "ADV-2007-1548",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1548"
          },
          {
            "name": "102886",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
          },
          {
            "name": "ADV-2007-1217",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1217"
          },
          {
            "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata40.html#011_xorg"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1213"
          },
          {
            "name": "25004",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25004"
          },
          {
            "name": "25305",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25305"
          },
          {
            "name": "RHSA-2007:0132",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
          },
          {
            "name": "24772",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24772"
          },
          {
            "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata39.html#021_xorg"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://issues.foresightlinux.org/browse/FL-223"
          },
          {
            "name": "MDKSA-2007:079",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
        },
        {
          "name": "24745",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24745"
        },
        {
          "name": "oval:org.mitre.oval:def:10523",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
        },
        {
          "name": "33937",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33937"
        },
        {
          "name": "24771",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24771"
        },
        {
          "name": "24770",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24770"
        },
        {
          "name": "25006",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25006"
        },
        {
          "name": "24756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24756"
        },
        {
          "name": "23283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23283"
        },
        {
          "name": "RHSA-2007:0126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
        },
        {
          "name": "23300",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23300"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3438"
        },
        {
          "name": "GLSA-200705-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
        },
        {
          "name": "USN-448-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-448-1"
        },
        {
          "name": "APPLE-SA-2009-02-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
        },
        {
          "name": "MDKSA-2007:080",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
        },
        {
          "name": "24758",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24758"
        },
        {
          "name": "1017857",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017857"
        },
        {
          "name": "oval:org.mitre.oval:def:13243",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
        },
        {
          "name": "25195",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25195"
        },
        {
          "name": "RHSA-2007:0125",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
        },
        {
          "name": "24741",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24741"
        },
        {
          "name": "APPLE-SA-2007-11-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
        },
        {
          "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
        },
        {
          "name": "24791",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24791"
        },
        {
          "name": "SUSE-SA:2007:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
        },
        {
          "name": "DSA-1294",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1294"
        },
        {
          "name": "24765",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24765"
        },
        {
          "name": "25216",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25216"
        },
        {
          "name": "xorg-fontsdir-bo(33419)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
        },
        {
          "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
        },
        {
          "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
        },
        {
          "name": "ADV-2007-1548",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1548"
        },
        {
          "name": "102886",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
        },
        {
          "name": "ADV-2007-1217",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1217"
        },
        {
          "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata40.html#011_xorg"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1213"
        },
        {
          "name": "25004",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25004"
        },
        {
          "name": "25305",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25305"
        },
        {
          "name": "RHSA-2007:0132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
        },
        {
          "name": "24772",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24772"
        },
        {
          "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata39.html#021_xorg"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://issues.foresightlinux.org/browse/FL-223"
        },
        {
          "name": "MDKSA-2007:079",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-1352",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
            },
            {
              "name": "24745",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24745"
            },
            {
              "name": "oval:org.mitre.oval:def:10523",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
            },
            {
              "name": "33937",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33937"
            },
            {
              "name": "24771",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24771"
            },
            {
              "name": "24770",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24770"
            },
            {
              "name": "25006",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25006"
            },
            {
              "name": "24756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24756"
            },
            {
              "name": "23283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23283"
            },
            {
              "name": "RHSA-2007:0126",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
            },
            {
              "name": "23300",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23300"
            },
            {
              "name": "http://support.apple.com/kb/HT3438",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3438"
            },
            {
              "name": "GLSA-200705-10",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
            },
            {
              "name": "USN-448-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-448-1"
            },
            {
              "name": "APPLE-SA-2009-02-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
            },
            {
              "name": "MDKSA-2007:080",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
            },
            {
              "name": "24758",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24758"
            },
            {
              "name": "1017857",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017857"
            },
            {
              "name": "oval:org.mitre.oval:def:13243",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
            },
            {
              "name": "25195",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25195"
            },
            {
              "name": "RHSA-2007:0125",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
            },
            {
              "name": "24741",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24741"
            },
            {
              "name": "APPLE-SA-2007-11-14",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
            },
            {
              "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
              "refsource": "MLIST",
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
            },
            {
              "name": "24791",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24791"
            },
            {
              "name": "SUSE-SA:2007:027",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
            },
            {
              "name": "DSA-1294",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1294"
            },
            {
              "name": "24765",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24765"
            },
            {
              "name": "25216",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25216"
            },
            {
              "name": "xorg-fontsdir-bo(33419)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
            },
            {
              "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
            },
            {
              "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
            },
            {
              "name": "ADV-2007-1548",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1548"
            },
            {
              "name": "102886",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
            },
            {
              "name": "ADV-2007-1217",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1217"
            },
            {
              "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata40.html#011_xorg"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1213",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1213"
            },
            {
              "name": "25004",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25004"
            },
            {
              "name": "25305",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25305"
            },
            {
              "name": "RHSA-2007:0132",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
            },
            {
              "name": "24772",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24772"
            },
            {
              "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata39.html#021_xorg"
            },
            {
              "name": "http://issues.foresightlinux.org/browse/FL-223",
              "refsource": "CONFIRM",
              "url": "http://issues.foresightlinux.org/browse/FL-223"
            },
            {
              "name": "MDKSA-2007:079",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-1352",
    "datePublished": "2007-04-06T01:00:00",
    "dateReserved": "2007-03-08T00:00:00",
    "dateUpdated": "2024-08-07T12:50:35.267Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-3625

Vulnerability from cvelistv5

Published

2006-01-06 22:00

Modified

2024-08-07 23:17

Severity ?

Summary

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

References

▼	URL	Tags
	http://www.securityfocus.com/bid/16143	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2005/dsa-932	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18349	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/18147	third-party-advisory, x_refsource_SECUNIA
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	vendor-advisory, x_refsource_SCO
	http://scary.beasts.org/security/CESA-2005-003.txt	x_refsource_MISC
	http://www.kde.org/info/security/advisory-20051207-2.txt	x_refsource_CONFIRM
	http://secunia.com/advisories/18679	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18644	third-party-advisory, x_refsource_SECUNIA
	https://usn.ubuntu.com/236-1/	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/18425	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18373	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18303	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-931	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18554	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/19230	third-party-advisory, x_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1	vendor-advisory, x_refsource_SUNALERT
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2006/dsa-962	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2006-0163.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2005/dsa-937	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18398	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/427053/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.trustix.org/errata/2006/0002/	vendor-advisory, x_refsource_TRUSTIX
	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2006/dsa-936	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/18329	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18463	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18642	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18674	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18313	third-party-advisory, x_refsource_SECUNIA
	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U	vendor-advisory, x_refsource_SGI
	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U	vendor-advisory, x_refsource_SGI
	http://secunia.com/advisories/18448	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18436	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18428	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18380	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18423	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18416	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2006-0177.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2007/2280	vdb-entry, x_refsource_VUPEN
	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/18335	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18407	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18332	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18517	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18582	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18534	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683	vendor-advisory, x_refsource_SLACKWARE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24023	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/18908	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html	x_refsource_CONFIRM
	http://secunia.com/advisories/25729	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18414	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18338	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008	vendor-advisory, x_refsource_MANDRIVA
	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U	vendor-advisory, x_refsource_SGI
	http://www.redhat.com/support/errata/RHSA-2006-0160.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010	vendor-advisory, x_refsource_MANDRAKE
	http://www.debian.org/security/2005/dsa-940	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2006/0047	vdb-entry, x_refsource_VUPEN
	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/18389	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747	vendor-advisory, x_refsource_SLACKWARE
	http://secunia.com/advisories/19377	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/archive/1/427990/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.debian.org/security/2006/dsa-961	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18675	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18913	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-938	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18334	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18375	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-950	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18387	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18385	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "oval:org.mitre.oval:def:9575",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18335"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "oval:org.mitre.oval:def:9575",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18335"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3625",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0434

Vulnerability from cvelistv5

Published

2003-06-18 04:00

Modified

2024-08-08 01:50

Severity ?

Summary

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

References

▼	URL	Tags
	http://secunia.com/advisories/9038	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2003:071	vendor-advisory, x_refsource_MANDRAKE
	http://www.kb.cert.org/vuls/id/200132	third-party-advisory, x_refsource_CERT-VN
	http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html	mailing-list, x_refsource_FULLDISC
	http://www.redhat.com/support/errata/RHSA-2003-196.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/9037	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2003-197.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=105777963019186&w=2	mailing-list, x_refsource_BUGTRAQ
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664	vdb-entry, signature, x_refsource_OVAL

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:50:48.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "9038",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/9038"
          },
          {
            "name": "MDKSA-2003:071",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
          },
          {
            "name": "VU#200132",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/200132"
          },
          {
            "name": "20030613 -10Day CERT Advisory on PDF Files",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
          },
          {
            "name": "RHSA-2003:196",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
          },
          {
            "name": "9037",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/9037"
          },
          {
            "name": "RHSA-2003:197",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
          },
          {
            "name": "20030709 xpdf vulnerability - CAN-2003-0434",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:664",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "9038",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/9038"
        },
        {
          "name": "MDKSA-2003:071",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
        },
        {
          "name": "VU#200132",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/200132"
        },
        {
          "name": "20030613 -10Day CERT Advisory on PDF Files",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
        },
        {
          "name": "RHSA-2003:196",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
        },
        {
          "name": "9037",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/9037"
        },
        {
          "name": "RHSA-2003:197",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
        },
        {
          "name": "20030709 xpdf vulnerability - CAN-2003-0434",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:664",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0434",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "9038",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/9038"
            },
            {
              "name": "MDKSA-2003:071",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071"
            },
            {
              "name": "VU#200132",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/200132"
            },
            {
              "name": "20030613 -10Day CERT Advisory on PDF Files",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html"
            },
            {
              "name": "RHSA-2003:196",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html"
            },
            {
              "name": "9037",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/9037"
            },
            {
              "name": "RHSA-2003:197",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html"
            },
            {
              "name": "20030709 xpdf vulnerability - CAN-2003-0434",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:664",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0434",
    "datePublished": "2003-06-18T04:00:00",
    "dateReserved": "2003-06-16T00:00:00",
    "dateUpdated": "2024-08-08T01:50:48.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0587

Vulnerability from cvelistv5

Published

2004-06-23 04:00

Modified

2024-08-08 00:24

Severity ?

Summary

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

References

▼	URL	Tags
	http://securitytracker.com/id?1010057	vdb-entry, x_refsource_SECTRACK
	http://www.redhat.com/support/errata/RHSA-2004-413.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2004-418.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398	vdb-entry, signature, x_refsource_OVAL
	http://www.novell.com/linux/security/advisories/2004_10_kernel.html	vendor-advisory, x_refsource_SUSE
	http://lwn.net/Articles/91155/	vendor-advisory, x_refsource_FEDORA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16062	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/10279	vdb-entry, x_refsource_BID
	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066	vendor-advisory, x_refsource_MANDRAKE
	ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc	vendor-advisory, x_refsource_SGI

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:26.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1010057",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1010057"
          },
          {
            "name": "RHSA-2004:413",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
          },
          {
            "name": "RHSA-2004:418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9398",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
          },
          {
            "name": "SuSE-SA:2004:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
          },
          {
            "name": "FEDORA-2004-186",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lwn.net/Articles/91155/"
          },
          {
            "name": "suse-hbaapinode-dos(16062)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
          },
          {
            "name": "10279",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10279"
          },
          {
            "name": "MDKSA-2004:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
          },
          {
            "name": "20040804-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1010057",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1010057"
        },
        {
          "name": "RHSA-2004:413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
        },
        {
          "name": "RHSA-2004:418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9398",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
        },
        {
          "name": "SuSE-SA:2004:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
        },
        {
          "name": "FEDORA-2004-186",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lwn.net/Articles/91155/"
        },
        {
          "name": "suse-hbaapinode-dos(16062)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
        },
        {
          "name": "10279",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10279"
        },
        {
          "name": "MDKSA-2004:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
        },
        {
          "name": "20040804-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0587",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1010057",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1010057"
            },
            {
              "name": "RHSA-2004:413",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-413.html"
            },
            {
              "name": "RHSA-2004:418",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-418.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9398",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9398"
            },
            {
              "name": "SuSE-SA:2004:010",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
            },
            {
              "name": "FEDORA-2004-186",
              "refsource": "FEDORA",
              "url": "http://lwn.net/Articles/91155/"
            },
            {
              "name": "suse-hbaapinode-dos(16062)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16062"
            },
            {
              "name": "10279",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10279"
            },
            {
              "name": "MDKSA-2004:066",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
            },
            {
              "name": "20040804-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0587",
    "datePublished": "2004-06-23T04:00:00",
    "dateReserved": "2004-06-21T00:00:00",
    "dateUpdated": "2024-08-08T00:24:26.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-0638

Vulnerability from cvelistv5

Published

2003-04-02 05:00

Modified

2024-08-08 02:56

Severity ?

Summary

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.

References

▼	URL	Tags
	ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt	vendor-advisory, x_refsource_CALDERA
	http://www.securityfocus.com/bid/5344	vdb-entry, x_refsource_BID
	http://www.iss.net/security_center/static/9709.php	vdb-entry, x_refsource_XF
	http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php	vendor-advisory, x_refsource_MANDRAKE
	http://rhn.redhat.com/errata/RHSA-2002-132.html	vendor-advisory, x_refsource_REDHAT
	http://www.kb.cert.org/vuls/id/405955	third-party-advisory, x_refsource_CERT-VN
	http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html	mailing-list, x_refsource_VULNWATCH
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523	vendor-advisory, x_refsource_CONECTIVA
	http://online.securityfocus.com/advisories/4320	vendor-advisory, x_refsource_HP
	http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=102795787713996&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.redhat.com/support/errata/RHSA-2002-137.html	vendor-advisory, x_refsource_REDHAT
	http://www.osvdb.org/5164	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:56:38.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CSSA-2002-043.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
          },
          {
            "name": "5344",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/5344"
          },
          {
            "name": "utillinux-chfn-race-condition(9709)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/9709.php"
          },
          {
            "name": "MDKSA-2002:047",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
          },
          {
            "name": "RHSA-2002:132",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
          },
          {
            "name": "VU#405955",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/405955"
          },
          {
            "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
          },
          {
            "name": "CLA-2002:523",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
          },
          {
            "name": "HPSBTL0207-054",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://online.securityfocus.com/advisories/4320"
          },
          {
            "name": "20020730 TSLSA-2002-0064 - util-linux",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
          },
          {
            "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
          },
          {
            "name": "RHSA-2002:137",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
          },
          {
            "name": "5164",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/5164"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-07-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2003-03-21T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CSSA-2002-043.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
        },
        {
          "name": "5344",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/5344"
        },
        {
          "name": "utillinux-chfn-race-condition(9709)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/9709.php"
        },
        {
          "name": "MDKSA-2002:047",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
        },
        {
          "name": "RHSA-2002:132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
        },
        {
          "name": "VU#405955",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/405955"
        },
        {
          "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
        },
        {
          "name": "CLA-2002:523",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
        },
        {
          "name": "HPSBTL0207-054",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://online.securityfocus.com/advisories/4320"
        },
        {
          "name": "20020730 TSLSA-2002-0064 - util-linux",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
        },
        {
          "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
        },
        {
          "name": "RHSA-2002:137",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
        },
        {
          "name": "5164",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/5164"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0638",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CSSA-2002-043.0",
              "refsource": "CALDERA",
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
            },
            {
              "name": "5344",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/5344"
            },
            {
              "name": "utillinux-chfn-race-condition(9709)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/9709.php"
            },
            {
              "name": "MDKSA-2002:047",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
            },
            {
              "name": "RHSA-2002:132",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
            },
            {
              "name": "VU#405955",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/405955"
            },
            {
              "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
            },
            {
              "name": "CLA-2002:523",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
            },
            {
              "name": "HPSBTL0207-054",
              "refsource": "HP",
              "url": "http://online.securityfocus.com/advisories/4320"
            },
            {
              "name": "20020730 TSLSA-2002-0064 - util-linux",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
            },
            {
              "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
            },
            {
              "name": "RHSA-2002:137",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
            },
            {
              "name": "5164",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/5164"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0638",
    "datePublished": "2003-04-02T05:00:00",
    "dateReserved": "2002-06-27T00:00:00",
    "dateUpdated": "2024-08-08T02:56:38.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0805

Vulnerability from cvelistv5

Published

2004-10-20 04:00

Modified

2024-08-08 00:31

Severity ?

Summary

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

References

▼	URL	Tags
	http://www.securityfocus.com/archive/1/374433	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/11121	vdb-entry, x_refsource_BID
	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100	vendor-advisory, x_refsource_MANDRAKE
	http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html	mailing-list, x_refsource_FULLDISC
	http://www.debian.org/security/2004/dsa-564	vendor-advisory, x_refsource_DEBIAN
	http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml	vendor-advisory, x_refsource_GENTOO
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17287	vdb-entry, x_refsource_XF
	http://www.alighieri.org/advisories/advisory-mpg123.txt	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040916 mpg123 buffer overflow vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/374433"
          },
          {
            "name": "11121",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11121"
          },
          {
            "name": "MDKSA-2004:100",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100"
          },
          {
            "name": "20040907 mpg123 buffer overflow vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html"
          },
          {
            "name": "DSA-564",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-564"
          },
          {
            "name": "GLSA-200409-20",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml"
          },
          {
            "name": "mpg123-layer2c-bo(17287)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17287"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.alighieri.org/advisories/advisory-mpg123.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040916 mpg123 buffer overflow vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/374433"
        },
        {
          "name": "11121",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11121"
        },
        {
          "name": "MDKSA-2004:100",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100"
        },
        {
          "name": "20040907 mpg123 buffer overflow vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html"
        },
        {
          "name": "DSA-564",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-564"
        },
        {
          "name": "GLSA-200409-20",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml"
        },
        {
          "name": "mpg123-layer2c-bo(17287)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17287"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.alighieri.org/advisories/advisory-mpg123.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0805",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040916 mpg123 buffer overflow vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/374433"
            },
            {
              "name": "11121",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11121"
            },
            {
              "name": "MDKSA-2004:100",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:100"
            },
            {
              "name": "20040907 mpg123 buffer overflow vulnerability",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026151.html"
            },
            {
              "name": "DSA-564",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-564"
            },
            {
              "name": "GLSA-200409-20",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-20.xml"
            },
            {
              "name": "mpg123-layer2c-bo(17287)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17287"
            },
            {
              "name": "http://www.alighieri.org/advisories/advisory-mpg123.txt",
              "refsource": "MISC",
              "url": "http://www.alighieri.org/advisories/advisory-mpg123.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0805",
    "datePublished": "2004-10-20T04:00:00",
    "dateReserved": "2004-08-25T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0736

Vulnerability from cvelistv5

Published

2001-10-12 04:00

Modified

2024-08-08 04:30

Severity ?

Summary

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=98749102621604&w=2	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=99106787825229&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2001-042.html	vendor-advisory, x_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/6367	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:30:06.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20010416 Immunix OS Security update for pine",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
          },
          {
            "name": "20010527 [ESA-20010509-01]  pine temporary file handling vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
          },
          {
            "name": "MDKSA-2001:047",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
          },
          {
            "name": "RHSA-2001:042",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
          },
          {
            "name": "pine-tmp-file-symlink(6367)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-03-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-18T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20010416 Immunix OS Security update for pine",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
        },
        {
          "name": "20010527 [ESA-20010509-01]  pine temporary file handling vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
        },
        {
          "name": "MDKSA-2001:047",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
        },
        {
          "name": "RHSA-2001:042",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
        },
        {
          "name": "pine-tmp-file-symlink(6367)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0736",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20010416 Immunix OS Security update for pine",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2"
            },
            {
              "name": "20010527 [ESA-20010509-01]  pine temporary file handling vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2"
            },
            {
              "name": "MDKSA-2001:047",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0"
            },
            {
              "name": "RHSA-2001:042",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html"
            },
            {
              "name": "pine-tmp-file-symlink(6367)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0736",
    "datePublished": "2001-10-12T04:00:00",
    "dateReserved": "2001-10-12T00:00:00",
    "dateUpdated": "2024-08-08T04:30:06.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-2394

Vulnerability from cvelistv5

Published

2005-08-17 04:00

Modified

2024-08-08 01:22

Severity ?

Summary

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/10370	vdb-entry, x_refsource_BID
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	vendor-advisory, x_refsource_MANDRAKE
	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16178	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:22:13.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10370",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10370"
          },
          {
            "name": "MDKSA-2004:045",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
          },
          {
            "name": "passwd-stdin-offbyone-bo(16178)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16178"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10370",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10370"
        },
        {
          "name": "MDKSA-2004:045",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
        },
        {
          "name": "passwd-stdin-offbyone-bo(16178)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16178"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2394",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10370",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10370"
            },
            {
              "name": "MDKSA-2004:045",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
            },
            {
              "name": "passwd-stdin-offbyone-bo(16178)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16178"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2394",
    "datePublished": "2005-08-17T04:00:00",
    "dateReserved": "2005-08-17T00:00:00",
    "dateUpdated": "2024-08-08T01:22:13.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-2833

Vulnerability from cvelistv5

Published

2007-06-21 20:00

Modified

2024-08-07 13:49

Severity ?

Summary

Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.

References

▼	URL	Tags
	http://www.debian.org/security/2007/dsa-1316	vendor-advisory, x_refsource_DEBIAN
	http://www.novell.com/linux/security/advisories/2007_19_sr.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id?1018277	vdb-entry, x_refsource_SECTRACK
	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/usn-504-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/24570	vdb-entry, x_refsource_BID
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:133	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/26987	third-party-advisory, x_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1490	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:49:57.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-1316",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1316"
          },
          {
            "name": "SUSE-SR:2007:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
          },
          {
            "name": "1018277",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018277"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
          },
          {
            "name": "USN-504-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-504-1"
          },
          {
            "name": "24570",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24570"
          },
          {
            "name": "MDKSA-2007:133",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
          },
          {
            "name": "26987",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26987"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1490"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-06-27T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "DSA-1316",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1316"
        },
        {
          "name": "SUSE-SR:2007:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
        },
        {
          "name": "1018277",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018277"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
        },
        {
          "name": "USN-504-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-504-1"
        },
        {
          "name": "24570",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24570"
        },
        {
          "name": "MDKSA-2007:133",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
        },
        {
          "name": "26987",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26987"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1490"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2833",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-1316",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1316"
            },
            {
              "name": "SUSE-SR:2007:019",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
            },
            {
              "name": "1018277",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018277"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
            },
            {
              "name": "USN-504-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-504-1"
            },
            {
              "name": "24570",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24570"
            },
            {
              "name": "MDKSA-2007:133",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
            },
            {
              "name": "26987",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26987"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1490",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1490"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2833",
    "datePublished": "2007-06-21T20:00:00",
    "dateReserved": "2007-05-24T00:00:00",
    "dateUpdated": "2024-08-07T13:49:57.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0975

Vulnerability from cvelistv5

Published

2004-10-20 04:00

Modified

2024-08-08 00:39

Severity ?

Summary

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

References

▼	URL	Tags
	http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml	vendor-advisory, x_refsource_GENTOO
	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583	vdb-entry, x_refsource_XF
	http://www.trustix.org/errata/2004/0050	vendor-advisory, x_refsource_TRUSTIX
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164	vdb-entry, signature, x_refsource_OVAL
	http://www.debian.org/security/2004/dsa-603	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2005-476.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/11293	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/12973	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.442Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200411-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302"
          },
          {
            "name": "script-temporary-file-overwrite(17583)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
          },
          {
            "name": "2004-0050",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2004/0050"
          },
          {
            "name": "oval:org.mitre.oval:def:164",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164"
          },
          {
            "name": "DSA-603",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-603"
          },
          {
            "name": "RHSA-2005:476",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
          },
          {
            "name": "11293",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11293"
          },
          {
            "name": "oval:org.mitre.oval:def:10621",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621"
          },
          {
            "name": "12973",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12973"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-200411-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302"
        },
        {
          "name": "script-temporary-file-overwrite(17583)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
        },
        {
          "name": "2004-0050",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2004/0050"
        },
        {
          "name": "oval:org.mitre.oval:def:164",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164"
        },
        {
          "name": "DSA-603",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-603"
        },
        {
          "name": "RHSA-2005:476",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
        },
        {
          "name": "11293",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11293"
        },
        {
          "name": "oval:org.mitre.oval:def:10621",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621"
        },
        {
          "name": "12973",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12973"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0975",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-200411-15",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302"
            },
            {
              "name": "script-temporary-file-overwrite(17583)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
            },
            {
              "name": "2004-0050",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2004/0050"
            },
            {
              "name": "oval:org.mitre.oval:def:164",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164"
            },
            {
              "name": "DSA-603",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-603"
            },
            {
              "name": "RHSA-2005:476",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-476.html"
            },
            {
              "name": "11293",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11293"
            },
            {
              "name": "oval:org.mitre.oval:def:10621",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621"
            },
            {
              "name": "12973",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12973"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0975",
    "datePublished": "2004-10-20T04:00:00",
    "dateReserved": "2004-10-19T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.442Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0117

Vulnerability from cvelistv5

Published

2001-05-07 04:00

Modified

2024-08-08 04:06

Severity ?

Summary

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=97916374410647&w=2	mailing-list, x_refsource_BUGTRAQ
	http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01	vendor-advisory, x_refsource_IMMUNIX
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5914	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/2191	vdb-entry, x_refsource_BID
	http://www.kb.cert.org/vuls/id/579928	third-party-advisory, x_refsource_CERT-VN
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2001-116.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:06:55.471Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20010110 Immunix OS Security update for lots of temp file problems",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
          },
          {
            "name": "IMNX-2000-70-028-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_IMMUNIX",
              "x_transferred"
            ],
            "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01"
          },
          {
            "name": "linux-diffutils-sdiff-symlink(5914)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914"
          },
          {
            "name": "2191",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/2191"
          },
          {
            "name": "VU#579928",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/579928"
          },
          {
            "name": "MDKSA-2001:008-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3"
          },
          {
            "name": "RHSA-2001:116",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20010110 Immunix OS Security update for lots of temp file problems",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
        },
        {
          "name": "IMNX-2000-70-028-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_IMMUNIX"
          ],
          "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01"
        },
        {
          "name": "linux-diffutils-sdiff-symlink(5914)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914"
        },
        {
          "name": "2191",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/2191"
        },
        {
          "name": "VU#579928",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/579928"
        },
        {
          "name": "MDKSA-2001:008-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3"
        },
        {
          "name": "RHSA-2001:116",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0117",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20010110 Immunix OS Security update for lots of temp file problems",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
            },
            {
              "name": "IMNX-2000-70-028-01",
              "refsource": "IMMUNIX",
              "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01"
            },
            {
              "name": "linux-diffutils-sdiff-symlink(5914)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914"
            },
            {
              "name": "2191",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/2191"
            },
            {
              "name": "VU#579928",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/579928"
            },
            {
              "name": "MDKSA-2001:008-1",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3"
            },
            {
              "name": "RHSA-2001:116",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0117",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2001-02-06T00:00:00",
    "dateUpdated": "2024-08-08T04:06:55.471Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0827

Vulnerability from cvelistv5

Published

2004-09-24 04:00

Modified

2024-08-08 00:31

Severity ?

Summary

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

References

▼	URL	Tags
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2008/0412	vdb-entry, x_refsource_VUPEN
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1	vendor-advisory, x_refsource_SUNALERT
	http://www.debian.org/security/2004/dsa-547	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2004-494.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2004-480.html	vendor-advisory, x_refsource_REDHAT
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1	vendor-advisory, x_refsource_SUNALERT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17173	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/28800	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.850Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:11123",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
          },
          {
            "name": "ADV-2008-0412",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0412"
          },
          {
            "name": "201006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
          },
          {
            "name": "DSA-547",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-547"
          },
          {
            "name": "RHSA-2004:494",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
          },
          {
            "name": "RHSA-2004:480",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
          },
          {
            "name": "231321",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
          },
          {
            "name": "imagemagick-bmp-Bo(17173)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
          },
          {
            "name": "28800",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28800"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:11123",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
        },
        {
          "name": "ADV-2008-0412",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0412"
        },
        {
          "name": "201006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
        },
        {
          "name": "DSA-547",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-547"
        },
        {
          "name": "RHSA-2004:494",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
        },
        {
          "name": "RHSA-2004:480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
        },
        {
          "name": "231321",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
        },
        {
          "name": "imagemagick-bmp-Bo(17173)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
        },
        {
          "name": "28800",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28800"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0827",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:11123",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11123"
            },
            {
              "name": "ADV-2008-0412",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0412"
            },
            {
              "name": "201006",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201006-1"
            },
            {
              "name": "DSA-547",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-547"
            },
            {
              "name": "RHSA-2004:494",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-494.html"
            },
            {
              "name": "RHSA-2004:480",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-480.html"
            },
            {
              "name": "231321",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-231321-1"
            },
            {
              "name": "imagemagick-bmp-Bo(17173)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17173"
            },
            {
              "name": "28800",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28800"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0827",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-09-02T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-2396

Vulnerability from cvelistv5

Published

2005-08-17 04:00

Modified

2024-08-08 01:22

Severity ?

Summary

passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/10370	vdb-entry, x_refsource_BID
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16179	vdb-entry, x_refsource_XF
	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:22:13.939Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10370",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10370"
          },
          {
            "name": "MDKSA-2004:045",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
          },
          {
            "name": "passwd-pamstart-improper-validation(16179)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16179"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent \"safe and proper operation\" of PAM."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10370",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10370"
        },
        {
          "name": "MDKSA-2004:045",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
        },
        {
          "name": "passwd-pamstart-improper-validation(16179)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16179"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2396",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent \"safe and proper operation\" of PAM."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10370",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10370"
            },
            {
              "name": "MDKSA-2004:045",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
            },
            {
              "name": "passwd-pamstart-improper-validation(16179)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16179"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060",
              "refsource": "MISC",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2396",
    "datePublished": "2005-08-17T04:00:00",
    "dateReserved": "2005-08-17T00:00:00",
    "dateUpdated": "2024-08-08T01:22:13.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0497

Vulnerability from cvelistv5

Published

2004-07-06 04:00

Modified

2024-08-08 00:17

Severity ?

Summary

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2004-354.html	vendor-advisory, x_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16599	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2004-360.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066	vendor-advisory, x_refsource_MANDRAKE
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852	vendor-advisory, x_refsource_CONECTIVA
	http://www.novell.com/linux/security/advisories/2004_20_kernel.html	vendor-advisory, x_refsource_SUSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:17:15.122Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2004:354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-354.html"
          },
          {
            "name": "linux-fchown-groupid-modify(16599)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599"
          },
          {
            "name": "oval:org.mitre.oval:def:9867",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867"
          },
          {
            "name": "RHSA-2004:360",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-360.html"
          },
          {
            "name": "MDKSA-2004:066",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
          },
          {
            "name": "CLA-2004:852",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
          },
          {
            "name": "SUSE-SA:2004:020",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-07-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2004:354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-354.html"
        },
        {
          "name": "linux-fchown-groupid-modify(16599)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599"
        },
        {
          "name": "oval:org.mitre.oval:def:9867",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867"
        },
        {
          "name": "RHSA-2004:360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-360.html"
        },
        {
          "name": "MDKSA-2004:066",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
        },
        {
          "name": "CLA-2004:852",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
        },
        {
          "name": "SUSE-SA:2004:020",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0497",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2004:354",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-354.html"
            },
            {
              "name": "linux-fchown-groupid-modify(16599)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16599"
            },
            {
              "name": "oval:org.mitre.oval:def:9867",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9867"
            },
            {
              "name": "RHSA-2004:360",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-360.html"
            },
            {
              "name": "MDKSA-2004:066",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066"
            },
            {
              "name": "CLA-2004:852",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
            },
            {
              "name": "SUSE-SA:2004:020",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0497",
    "datePublished": "2004-07-06T04:00:00",
    "dateReserved": "2004-05-27T00:00:00",
    "dateUpdated": "2024-08-08T00:17:15.122Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0085

Vulnerability from cvelistv5

Published

2005-02-15 05:00

Modified

2024-08-07 20:57

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

References

▼	URL	Tags
	http://secunia.com/advisories/14795	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2005-073.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/14255	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:063	vendor-advisory, x_refsource_MANDRAKE
	http://secunia.com/advisories/17415	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/19223	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/14303	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/14276	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/12442	vdb-entry, x_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml	vendor-advisory, x_refsource_GENTOO
	http://www.debian.org/security/2005/dsa-680	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/17414	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2005-090.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/15007	third-party-advisory, x_refsource_SECUNIA
	http://securitytracker.com/id?1013078	vdb-entry, x_refsource_SECTRACK
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt	vendor-advisory, x_refsource_SCO

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "14795",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14795"
          },
          {
            "name": "oval:org.mitre.oval:def:10878",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
          },
          {
            "name": "RHSA-2005:073",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
          },
          {
            "name": "14255",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14255"
          },
          {
            "name": "MDKSA-2005:063",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
          },
          {
            "name": "17415",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17415"
          },
          {
            "name": "htdig-config-xss(19223)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
          },
          {
            "name": "14303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14303"
          },
          {
            "name": "14276",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14276"
          },
          {
            "name": "12442",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12442"
          },
          {
            "name": "GLSA-200502-16",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
          },
          {
            "name": "DSA-680",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-680"
          },
          {
            "name": "17414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17414"
          },
          {
            "name": "RHSA-2005:090",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
          },
          {
            "name": "FLSA-2006:152907",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
          },
          {
            "name": "15007",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15007"
          },
          {
            "name": "1013078",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013078"
          },
          {
            "name": "SCOSA-2005.46",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "14795",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14795"
        },
        {
          "name": "oval:org.mitre.oval:def:10878",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
        },
        {
          "name": "RHSA-2005:073",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
        },
        {
          "name": "14255",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14255"
        },
        {
          "name": "MDKSA-2005:063",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
        },
        {
          "name": "17415",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17415"
        },
        {
          "name": "htdig-config-xss(19223)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
        },
        {
          "name": "14303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14303"
        },
        {
          "name": "14276",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14276"
        },
        {
          "name": "12442",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12442"
        },
        {
          "name": "GLSA-200502-16",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
        },
        {
          "name": "DSA-680",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-680"
        },
        {
          "name": "17414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17414"
        },
        {
          "name": "RHSA-2005:090",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
        },
        {
          "name": "FLSA-2006:152907",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
        },
        {
          "name": "15007",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15007"
        },
        {
          "name": "1013078",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013078"
        },
        {
          "name": "SCOSA-2005.46",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0085",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "14795",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14795"
            },
            {
              "name": "oval:org.mitre.oval:def:10878",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10878"
            },
            {
              "name": "RHSA-2005:073",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-073.html"
            },
            {
              "name": "14255",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14255"
            },
            {
              "name": "MDKSA-2005:063",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:063"
            },
            {
              "name": "17415",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17415"
            },
            {
              "name": "htdig-config-xss(19223)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19223"
            },
            {
              "name": "14303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14303"
            },
            {
              "name": "14276",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14276"
            },
            {
              "name": "12442",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12442"
            },
            {
              "name": "GLSA-200502-16",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-16.xml"
            },
            {
              "name": "DSA-680",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-680"
            },
            {
              "name": "17414",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17414"
            },
            {
              "name": "RHSA-2005:090",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-090.html"
            },
            {
              "name": "FLSA-2006:152907",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00002.html"
            },
            {
              "name": "15007",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15007"
            },
            {
              "name": "1013078",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1013078"
            },
            {
              "name": "SCOSA-2005.46",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.46/SCOSA-2005.46.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0085",
    "datePublished": "2005-02-15T05:00:00",
    "dateReserved": "2005-01-18T00:00:00",
    "dateUpdated": "2024-08-07T20:57:40.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-3624

Vulnerability from cvelistv5

Published

2006-01-06 22:00

Modified

2024-08-07 23:17

Severity ?

Summary

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/16143	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2005/dsa-932	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18349	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18147	third-party-advisory, x_refsource_SECUNIA
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	vendor-advisory, x_refsource_SCO
	http://scary.beasts.org/security/CESA-2005-003.txt	x_refsource_MISC
	http://www.kde.org/info/security/advisory-20051207-2.txt	x_refsource_CONFIRM
	http://secunia.com/advisories/18679	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18644	third-party-advisory, x_refsource_SECUNIA
	https://usn.ubuntu.com/236-1/	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/18425	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18373	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18303	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-931	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18554	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/19230	third-party-advisory, x_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1	vendor-advisory, x_refsource_SUNALERT
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2006/dsa-962	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2006-0163.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2005/dsa-937	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18398	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/427053/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.trustix.org/errata/2006/0002/	vendor-advisory, x_refsource_TRUSTIX
	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2006/dsa-936	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/18329	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18463	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18642	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18674	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18313	third-party-advisory, x_refsource_SECUNIA
	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U	vendor-advisory, x_refsource_SGI
	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U	vendor-advisory, x_refsource_SGI
	http://secunia.com/advisories/18448	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18436	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18428	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18380	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18423	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18416	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2006-0177.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2007/2280	vdb-entry, x_refsource_VUPEN
	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/18407	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18332	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18517	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18582	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18534	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683	vendor-advisory, x_refsource_SLACKWARE
	http://secunia.com/advisories/18908	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25729	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18414	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18338	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008	vendor-advisory, x_refsource_MANDRIVA
	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U	vendor-advisory, x_refsource_SGI
	http://www.redhat.com/support/errata/RHSA-2006-0160.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010	vendor-advisory, x_refsource_MANDRAKE
	http://www.debian.org/security/2005/dsa-940	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2006/0047	vdb-entry, x_refsource_VUPEN
	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml	vendor-advisory, x_refsource_GENTOO
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24022	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/18389	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437	vdb-entry, signature, x_refsource_OVAL
	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747	vendor-advisory, x_refsource_SLACKWARE
	http://secunia.com/advisories/19377	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/archive/1/427990/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.debian.org/security/2006/dsa-961	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18675	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18913	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-938	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18334	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18375	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-950	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18387	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18385	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.457Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "xpdf-ccitt-faxstream-bo(24022)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "oval:org.mitre.oval:def:9437",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "xpdf-ccitt-faxstream-bo(24022)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "oval:org.mitre.oval:def:9437",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3624",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.457Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0206

Vulnerability from cvelistv5

Published

2005-02-15 05:00

Modified

2024-08-07 21:05

Severity ?

Summary

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

References

▼	URL	Tags
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107	vdb-entry, signature, x_refsource_OVAL
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:041	vendor-advisory, x_refsource_MANDRAKE
	http://www.securityfocus.com/bid/11501	vdb-entry, x_refsource_BID
	http://www.redhat.com/support/errata/RHSA-2005-034.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:056	vendor-advisory, x_refsource_MANDRAKE
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:043	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2005-213.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:044	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2005-053.html	vendor-advisory, x_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17818	vdb-entry, x_refsource_XF
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:052	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2005-132.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:042	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2005-057.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:25.397Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:11107",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
          },
          {
            "name": "MDKSA-2005:041",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
          },
          {
            "name": "11501",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11501"
          },
          {
            "name": "RHSA-2005:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
          },
          {
            "name": "MDKSA-2005:056",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
          },
          {
            "name": "MDKSA-2005:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
          },
          {
            "name": "RHSA-2005:213",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
          },
          {
            "name": "MDKSA-2005:044",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
          },
          {
            "name": "RHSA-2005:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
          },
          {
            "name": "xpdf-pdf-bo(17818)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
          },
          {
            "name": "MDKSA-2005:052",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
          },
          {
            "name": "RHSA-2005:132",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
          },
          {
            "name": "MDKSA-2005:042",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
          },
          {
            "name": "RHSA-2005:057",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:11107",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
        },
        {
          "name": "MDKSA-2005:041",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
        },
        {
          "name": "11501",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11501"
        },
        {
          "name": "RHSA-2005:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
        },
        {
          "name": "MDKSA-2005:056",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
        },
        {
          "name": "MDKSA-2005:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
        },
        {
          "name": "RHSA-2005:213",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
        },
        {
          "name": "MDKSA-2005:044",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
        },
        {
          "name": "RHSA-2005:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
        },
        {
          "name": "xpdf-pdf-bo(17818)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
        },
        {
          "name": "MDKSA-2005:052",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
        },
        {
          "name": "RHSA-2005:132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
        },
        {
          "name": "MDKSA-2005:042",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
        },
        {
          "name": "RHSA-2005:057",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0206",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:11107",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107"
            },
            {
              "name": "MDKSA-2005:041",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041"
            },
            {
              "name": "11501",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11501"
            },
            {
              "name": "RHSA-2005:034",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html"
            },
            {
              "name": "MDKSA-2005:056",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056"
            },
            {
              "name": "MDKSA-2005:043",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043"
            },
            {
              "name": "RHSA-2005:213",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html"
            },
            {
              "name": "MDKSA-2005:044",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044"
            },
            {
              "name": "RHSA-2005:053",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html"
            },
            {
              "name": "xpdf-pdf-bo(17818)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818"
            },
            {
              "name": "MDKSA-2005:052",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052"
            },
            {
              "name": "RHSA-2005:132",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html"
            },
            {
              "name": "MDKSA-2005:042",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042"
            },
            {
              "name": "RHSA-2005:057",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0206",
    "datePublished": "2005-02-15T05:00:00",
    "dateReserved": "2005-02-01T00:00:00",
    "dateUpdated": "2024-08-07T21:05:25.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0472

Vulnerability from cvelistv5

Published

2005-02-19 05:00

Modified

2024-08-07 21:13

Severity ?

Summary

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

References

▼	URL	Tags
	http://www.securityfocus.com/archive/1/426078/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.kb.cert.org/vuls/id/839280	third-party-advisory, x_refsource_CERT-VN
	http://gaim.sourceforge.net/security/index.php?id=10	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433	vdb-entry, signature, x_refsource_OVAL
	http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml	vendor-advisory, x_refsource_GENTOO
	http://marc.info/?l=bugtraq&m=110935655500670&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:049	vendor-advisory, x_refsource_MANDRAKE
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933	vendor-advisory, x_refsource_CONECTIVA
	http://www.redhat.com/support/errata/RHSA-2005-432.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/14322	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2005-215.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/12589	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/19380	vdb-entry, x_refsource_XF
	http://www.debian.org/security/2005/dsa-716	vendor-advisory, x_refsource_DEBIAN
	http://www.novell.com/linux/security/advisories/2005_36_sudo.html	vendor-advisory, x_refsource_SUSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:13:54.256Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FLSA:158543",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
          },
          {
            "name": "VU#839280",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/839280"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://gaim.sourceforge.net/security/index.php?id=10"
          },
          {
            "name": "oval:org.mitre.oval:def:10433",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
          },
          {
            "name": "GLSA-200503-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
          },
          {
            "name": "20050225 [USN-85-1] Gaim vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
          },
          {
            "name": "MDKSA-2005:049",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
          },
          {
            "name": "CLA-2005:933",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
          },
          {
            "name": "RHSA-2005:432",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
          },
          {
            "name": "14322",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14322"
          },
          {
            "name": "RHSA-2005:215",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
          },
          {
            "name": "12589",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12589"
          },
          {
            "name": "gaim-snac-dos(19380)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
          },
          {
            "name": "DSA-716",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-716"
          },
          {
            "name": "SUSE-SA:2005:036",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FLSA:158543",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
        },
        {
          "name": "VU#839280",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/839280"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://gaim.sourceforge.net/security/index.php?id=10"
        },
        {
          "name": "oval:org.mitre.oval:def:10433",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433"
        },
        {
          "name": "GLSA-200503-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
        },
        {
          "name": "20050225 [USN-85-1] Gaim vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
        },
        {
          "name": "MDKSA-2005:049",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
        },
        {
          "name": "CLA-2005:933",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
        },
        {
          "name": "RHSA-2005:432",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-432.html"
        },
        {
          "name": "14322",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14322"
        },
        {
          "name": "RHSA-2005:215",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
        },
        {
          "name": "12589",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12589"
        },
        {
          "name": "gaim-snac-dos(19380)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19380"
        },
        {
          "name": "DSA-716",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-716"
        },
        {
          "name": "SUSE-SA:2005:036",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0472",
    "datePublished": "2005-02-19T05:00:00",
    "dateReserved": "2005-02-19T00:00:00",
    "dateUpdated": "2024-08-07T21:13:54.256Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1235

Vulnerability from cvelistv5

Published

2005-01-20 05:00

Modified

2024-08-08 00:46

Severity ?

Summary

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

References

▼	URL	Tags
	http://secunia.com/advisories/20163	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-1082	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:022	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2005-017.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.fedora.us/show_bug.cgi?id=2336	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/advisories/7804	x_refsource_CONFIRM
	http://isec.pl/vulnerabilities/isec-0021-uselib.txt	x_refsource_MISC
	http://www.debian.org/security/2006/dsa-1070	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2005-016.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/20162	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2005-043.html	vendor-advisory, x_refsource_REDHAT
	http://www.trustix.org/errata/2005/0001/	vendor-advisory, x_refsource_TRUSTIX
	http://www.redhat.com/support/errata/RHSA-2005-092.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2006/dsa-1067	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/advisories/7805	vendor-advisory, x_refsource_FEDORA
	http://www.debian.org/security/2006/dsa-1069	vendor-advisory, x_refsource_DEBIAN
	http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930	vendor-advisory, x_refsource_CONECTIVA
	http://www.novell.com/linux/security/advisories/2005_01_sr.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/12190	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/18800	vdb-entry, x_refsource_XF
	http://marc.info/?l=bugtraq&m=110512575901427&w=2	mailing-list, x_refsource_BUGTRAQ
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/advisories/7806	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/20202	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/20338	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:12.034Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20163",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20163"
          },
          {
            "name": "DSA-1082",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1082"
          },
          {
            "name": "MDKSA-2005:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
          },
          {
            "name": "RHSA-2005:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
          },
          {
            "name": "FLSA:2336",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/advisories/7804"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
          },
          {
            "name": "DSA-1070",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1070"
          },
          {
            "name": "RHSA-2005:016",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
          },
          {
            "name": "20162",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20162"
          },
          {
            "name": "RHSA-2005:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
          },
          {
            "name": "2005-0001",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0001/"
          },
          {
            "name": "RHSA-2005:092",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
          },
          {
            "name": "DSA-1067",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1067"
          },
          {
            "name": "FEDORA-2005-014",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/advisories/7805"
          },
          {
            "name": "DSA-1069",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1069"
          },
          {
            "name": "CLA-2005:930",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
          },
          {
            "name": "SUSE-SR:2005:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
          },
          {
            "name": "12190",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12190"
          },
          {
            "name": "linux-uselib-gain-privileges(18800)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
          },
          {
            "name": "20050107 Linux kernel sys_uselib local root vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:9567",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
          },
          {
            "name": "FEDORA-2005-013",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/advisories/7806"
          },
          {
            "name": "20202",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20202"
          },
          {
            "name": "20338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20338"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20163",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20163"
        },
        {
          "name": "DSA-1082",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1082"
        },
        {
          "name": "MDKSA-2005:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
        },
        {
          "name": "RHSA-2005:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
        },
        {
          "name": "FLSA:2336",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.securityfocus.com/advisories/7804"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
        },
        {
          "name": "DSA-1070",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1070"
        },
        {
          "name": "RHSA-2005:016",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
        },
        {
          "name": "20162",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20162"
        },
        {
          "name": "RHSA-2005:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
        },
        {
          "name": "2005-0001",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0001/"
        },
        {
          "name": "RHSA-2005:092",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
        },
        {
          "name": "DSA-1067",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1067"
        },
        {
          "name": "FEDORA-2005-014",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/advisories/7805"
        },
        {
          "name": "DSA-1069",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1069"
        },
        {
          "name": "CLA-2005:930",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
        },
        {
          "name": "SUSE-SR:2005:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
        },
        {
          "name": "12190",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12190"
        },
        {
          "name": "linux-uselib-gain-privileges(18800)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
        },
        {
          "name": "20050107 Linux kernel sys_uselib local root vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:9567",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
        },
        {
          "name": "FEDORA-2005-013",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/advisories/7806"
        },
        {
          "name": "20202",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20202"
        },
        {
          "name": "20338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20338"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1235",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20163",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20163"
            },
            {
              "name": "DSA-1082",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1082"
            },
            {
              "name": "MDKSA-2005:022",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
            },
            {
              "name": "RHSA-2005:017",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html"
            },
            {
              "name": "FLSA:2336",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
            },
            {
              "name": "http://www.securityfocus.com/advisories/7804",
              "refsource": "CONFIRM",
              "url": "http://www.securityfocus.com/advisories/7804"
            },
            {
              "name": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt",
              "refsource": "MISC",
              "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt"
            },
            {
              "name": "DSA-1070",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1070"
            },
            {
              "name": "RHSA-2005:016",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html"
            },
            {
              "name": "20162",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20162"
            },
            {
              "name": "RHSA-2005:043",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html"
            },
            {
              "name": "2005-0001",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0001/"
            },
            {
              "name": "RHSA-2005:092",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html"
            },
            {
              "name": "DSA-1067",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1067"
            },
            {
              "name": "FEDORA-2005-014",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/advisories/7805"
            },
            {
              "name": "DSA-1069",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2006/dsa-1069"
            },
            {
              "name": "CLA-2005:930",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930"
            },
            {
              "name": "SUSE-SR:2005:001",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
            },
            {
              "name": "12190",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12190"
            },
            {
              "name": "linux-uselib-gain-privileges(18800)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800"
            },
            {
              "name": "20050107 Linux kernel sys_uselib local root vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:9567",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567"
            },
            {
              "name": "FEDORA-2005-013",
              "refsource": "FEDORA",
              "url": "http://www.securityfocus.com/advisories/7806"
            },
            {
              "name": "20202",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20202"
            },
            {
              "name": "20338",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20338"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1235",
    "datePublished": "2005-01-20T05:00:00",
    "dateReserved": "2004-12-15T00:00:00",
    "dateUpdated": "2024-08-08T00:46:12.034Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1051

Vulnerability from cvelistv5

Published

2004-11-18 05:00

Modified

2024-08-08 00:39

Severity ?

Summary

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

References

▼	URL	Tags
	https://www.ubuntu.com/usn/usn-28-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.sudo.ws/sudo/alerts/bash_functions.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=110598298225675&w=2	vendor-advisory, x_refsource_OPENPKG
	http://marc.info/?l=bugtraq&m=110028877431192&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:133	vendor-advisory, x_refsource_MANDRAKE
	http://lists.apple.com/archives/security-announce/2005/May/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/11668	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2004/dsa-596	vendor-advisory, x_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/18055	vdb-entry, x_refsource_XF
	http://www.trustix.org/errata/2004/0061/	vendor-advisory, x_refsource_TRUSTIX

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.761Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-28-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://www.ubuntu.com/usn/usn-28-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sudo.ws/sudo/alerts/bash_functions.html"
          },
          {
            "name": "OpenPKG-SA-2005.002",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110598298225675\u0026w=2"
          },
          {
            "name": "20041112 Sudo version 1.6.8p2 now available (fwd)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110028877431192\u0026w=2"
          },
          {
            "name": "MDKSA-2004:133",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:133"
          },
          {
            "name": "APPLE-SA-2005-05-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
          },
          {
            "name": "11668",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11668"
          },
          {
            "name": "DSA-596",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-596"
          },
          {
            "name": "sudo-bash-command-execution(18055)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18055"
          },
          {
            "name": "2004-0061",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2004/0061/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "sudo before 1.6.8p2 allows local users to execute arbitrary commands by using \"()\" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program\u0027s full pathname."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-28-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://www.ubuntu.com/usn/usn-28-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sudo.ws/sudo/alerts/bash_functions.html"
        },
        {
          "name": "OpenPKG-SA-2005.002",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110598298225675\u0026w=2"
        },
        {
          "name": "20041112 Sudo version 1.6.8p2 now available (fwd)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110028877431192\u0026w=2"
        },
        {
          "name": "MDKSA-2004:133",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:133"
        },
        {
          "name": "APPLE-SA-2005-05-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
        },
        {
          "name": "11668",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11668"
        },
        {
          "name": "DSA-596",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-596"
        },
        {
          "name": "sudo-bash-command-execution(18055)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18055"
        },
        {
          "name": "2004-0061",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2004/0061/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1051",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sudo before 1.6.8p2 allows local users to execute arbitrary commands by using \"()\" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program\u0027s full pathname."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-28-1",
              "refsource": "UBUNTU",
              "url": "https://www.ubuntu.com/usn/usn-28-1/"
            },
            {
              "name": "http://www.sudo.ws/sudo/alerts/bash_functions.html",
              "refsource": "CONFIRM",
              "url": "http://www.sudo.ws/sudo/alerts/bash_functions.html"
            },
            {
              "name": "OpenPKG-SA-2005.002",
              "refsource": "OPENPKG",
              "url": "http://marc.info/?l=bugtraq\u0026m=110598298225675\u0026w=2"
            },
            {
              "name": "20041112 Sudo version 1.6.8p2 now available (fwd)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110028877431192\u0026w=2"
            },
            {
              "name": "MDKSA-2004:133",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:133"
            },
            {
              "name": "APPLE-SA-2005-05-03",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"
            },
            {
              "name": "11668",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11668"
            },
            {
              "name": "DSA-596",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-596"
            },
            {
              "name": "sudo-bash-command-execution(18055)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18055"
            },
            {
              "name": "2004-0061",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2004/0061/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1051",
    "datePublished": "2004-11-18T05:00:00",
    "dateReserved": "2004-11-17T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.761Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0473

Vulnerability from cvelistv5

Published

2005-02-19 05:00

Modified

2024-08-07 21:13

Severity ?

Summary

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

References

▼	URL	Tags
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/archive/1/426078/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.kb.cert.org/vuls/id/523888	third-party-advisory, x_refsource_CERT-VN
	http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml	vendor-advisory, x_refsource_GENTOO
	https://exchange.xforce.ibmcloud.com/vulnerabilities/19381	vdb-entry, x_refsource_XF
	http://marc.info/?l=bugtraq&m=110935655500670&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDKSA-2005:049	vendor-advisory, x_refsource_MANDRAKE
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933	vendor-advisory, x_refsource_CONECTIVA
	http://gaim.sourceforge.net/security/index.php?id=11	x_refsource_CONFIRM
	http://secunia.com/advisories/14322	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2005-215.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/12589	vdb-entry, x_refsource_BID
	http://www.novell.com/linux/security/advisories/2005_36_sudo.html	vendor-advisory, x_refsource_SUSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:13:54.250Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:10212",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
          },
          {
            "name": "FLSA:158543",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
          },
          {
            "name": "VU#523888",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/523888"
          },
          {
            "name": "GLSA-200503-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
          },
          {
            "name": "gaim-html-dos(19381)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
          },
          {
            "name": "20050225 [USN-85-1] Gaim vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
          },
          {
            "name": "MDKSA-2005:049",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
          },
          {
            "name": "CLA-2005:933",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://gaim.sourceforge.net/security/index.php?id=11"
          },
          {
            "name": "14322",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14322"
          },
          {
            "name": "RHSA-2005:215",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
          },
          {
            "name": "12589",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12589"
          },
          {
            "name": "SUSE-SA:2005:036",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes \"an invalid memory access,\" a different vulnerability than CVE-2005-0208."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:10212",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212"
        },
        {
          "name": "FLSA:158543",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
        },
        {
          "name": "VU#523888",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/523888"
        },
        {
          "name": "GLSA-200503-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml"
        },
        {
          "name": "gaim-html-dos(19381)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19381"
        },
        {
          "name": "20050225 [USN-85-1] Gaim vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110935655500670\u0026w=2"
        },
        {
          "name": "MDKSA-2005:049",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:049"
        },
        {
          "name": "CLA-2005:933",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000933"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://gaim.sourceforge.net/security/index.php?id=11"
        },
        {
          "name": "14322",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14322"
        },
        {
          "name": "RHSA-2005:215",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-215.html"
        },
        {
          "name": "12589",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12589"
        },
        {
          "name": "SUSE-SA:2005:036",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_36_sudo.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0473",
    "datePublished": "2005-02-19T05:00:00",
    "dateReserved": "2005-02-19T00:00:00",
    "dateUpdated": "2024-08-07T21:13:54.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-3626

Vulnerability from cvelistv5

Published

2006-01-06 22:00

Modified

2024-08-07 23:17

Severity ?

Summary

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/16143	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2005/dsa-932	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18349	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18147	third-party-advisory, x_refsource_SECUNIA
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	vendor-advisory, x_refsource_SCO
	http://scary.beasts.org/security/CESA-2005-003.txt	x_refsource_MISC
	http://www.kde.org/info/security/advisory-20051207-2.txt	x_refsource_CONFIRM
	http://secunia.com/advisories/18679	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18312	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18644	third-party-advisory, x_refsource_SECUNIA
	https://usn.ubuntu.com/236-1/	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/18425	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18373	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/18303	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-931	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18554	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:003	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/19230	third-party-advisory, x_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1	vendor-advisory, x_refsource_SUNALERT
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:012	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2006/dsa-962	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2006-0163.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2005/dsa-937	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18398	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/427053/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.trustix.org/errata/2006/0002/	vendor-advisory, x_refsource_TRUSTIX
	http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2006/dsa-936	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/18329	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18463	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18642	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18674	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:005	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18313	third-party-advisory, x_refsource_SECUNIA
	ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U	vendor-advisory, x_refsource_SGI
	ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U	vendor-advisory, x_refsource_SGI
	http://secunia.com/advisories/18448	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18436	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18428	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24026	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/18380	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18423	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18416	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2006-0177.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2007/2280	vdb-entry, x_refsource_VUPEN
	http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/18335	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18407	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18332	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18517	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18582	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18534	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683	vendor-advisory, x_refsource_SLACKWARE
	http://secunia.com/advisories/18908	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html	x_refsource_CONFIRM
	http://secunia.com/advisories/25729	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18414	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:006	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18338	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:008	vendor-advisory, x_refsource_MANDRIVA
	ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U	vendor-advisory, x_refsource_SGI
	http://www.redhat.com/support/errata/RHSA-2006-0160.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:010	vendor-advisory, x_refsource_MANDRAKE
	http://www.debian.org/security/2005/dsa-940	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:004	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2006/0047	vdb-entry, x_refsource_VUPEN
	http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/18389	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747	vendor-advisory, x_refsource_SLACKWARE
	http://secunia.com/advisories/19377	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/archive/1/427990/100/0/threaded	vendor-advisory, x_refsource_FEDORA
	http://www.debian.org/security/2006/dsa-961	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18675	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18913	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-938	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18334	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/18375	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2006/dsa-950	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/18387	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:011	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/18385	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "16143",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16143"
          },
          {
            "name": "DSA-932",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-932"
          },
          {
            "name": "18349",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18349"
          },
          {
            "name": "18147",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18147"
          },
          {
            "name": "SCOSA-2006.15",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
          },
          {
            "name": "18679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18679"
          },
          {
            "name": "18312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18312"
          },
          {
            "name": "18644",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18644"
          },
          {
            "name": "USN-236-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/236-1/"
          },
          {
            "name": "18425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18425"
          },
          {
            "name": "18373",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18373"
          },
          {
            "name": "oval:org.mitre.oval:def:9992",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
          },
          {
            "name": "18303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18303"
          },
          {
            "name": "DSA-931",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-931"
          },
          {
            "name": "18554",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18554"
          },
          {
            "name": "MDKSA-2006:003",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
          },
          {
            "name": "19230",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19230"
          },
          {
            "name": "102972",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
          },
          {
            "name": "MDKSA-2006:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
          },
          {
            "name": "DSA-962",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
          },
          {
            "name": "RHSA-2006:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
          },
          {
            "name": "DSA-937",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-937"
          },
          {
            "name": "18398",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18398"
          },
          {
            "name": "FLSA-2006:176751",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
          },
          {
            "name": "2006-0002",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2006/0002/"
          },
          {
            "name": "SUSE-SA:2006:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
          },
          {
            "name": "DSA-936",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-936"
          },
          {
            "name": "FEDORA-2005-026",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
          },
          {
            "name": "18329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18329"
          },
          {
            "name": "18463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18463"
          },
          {
            "name": "18642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18642"
          },
          {
            "name": "18674",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18674"
          },
          {
            "name": "MDKSA-2006:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
          },
          {
            "name": "18313",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18313"
          },
          {
            "name": "20051201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
          },
          {
            "name": "20060101-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
          },
          {
            "name": "18448",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18448"
          },
          {
            "name": "18436",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18436"
          },
          {
            "name": "18428",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18428"
          },
          {
            "name": "xpdf-flatedecode-dos(24026)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
          },
          {
            "name": "18380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18380"
          },
          {
            "name": "18423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18423"
          },
          {
            "name": "18416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18416"
          },
          {
            "name": "RHSA-2006:0177",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
          },
          {
            "name": "ADV-2007-2280",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2280"
          },
          {
            "name": "GLSA-200601-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
          },
          {
            "name": "18335",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18335"
          },
          {
            "name": "18407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18407"
          },
          {
            "name": "18332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18332"
          },
          {
            "name": "18517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18517"
          },
          {
            "name": "18582",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18582"
          },
          {
            "name": "18534",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18534"
          },
          {
            "name": "SSA:2006-045-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
          },
          {
            "name": "18908",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18908"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
          },
          {
            "name": "25729",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25729"
          },
          {
            "name": "18414",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18414"
          },
          {
            "name": "MDKSA-2006:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
          },
          {
            "name": "18338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18338"
          },
          {
            "name": "MDKSA-2006:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
          },
          {
            "name": "20060201-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
          },
          {
            "name": "RHSA-2006:0160",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
          },
          {
            "name": "MDKSA-2006:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
          },
          {
            "name": "DSA-940",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-940"
          },
          {
            "name": "MDKSA-2006:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
          },
          {
            "name": "ADV-2006-0047",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0047"
          },
          {
            "name": "GLSA-200601-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
          },
          {
            "name": "18389",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18389"
          },
          {
            "name": "SSA:2006-045-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
          },
          {
            "name": "19377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19377"
          },
          {
            "name": "FEDORA-2005-025",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
          },
          {
            "name": "FLSA:175404",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
          },
          {
            "name": "DSA-961",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-961"
          },
          {
            "name": "18675",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18675"
          },
          {
            "name": "18913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18913"
          },
          {
            "name": "DSA-938",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-938"
          },
          {
            "name": "18334",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18334"
          },
          {
            "name": "18375",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18375"
          },
          {
            "name": "DSA-950",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-950"
          },
          {
            "name": "18387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18387"
          },
          {
            "name": "MDKSA-2006:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
          },
          {
            "name": "18385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18385"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "16143",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16143"
        },
        {
          "name": "DSA-932",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-932"
        },
        {
          "name": "18349",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18349"
        },
        {
          "name": "18147",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18147"
        },
        {
          "name": "SCOSA-2006.15",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://scary.beasts.org/security/CESA-2005-003.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
        },
        {
          "name": "18679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18679"
        },
        {
          "name": "18312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18312"
        },
        {
          "name": "18644",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18644"
        },
        {
          "name": "USN-236-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/236-1/"
        },
        {
          "name": "18425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18425"
        },
        {
          "name": "18373",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18373"
        },
        {
          "name": "oval:org.mitre.oval:def:9992",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
        },
        {
          "name": "18303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18303"
        },
        {
          "name": "DSA-931",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-931"
        },
        {
          "name": "18554",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18554"
        },
        {
          "name": "MDKSA-2006:003",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
        },
        {
          "name": "19230",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19230"
        },
        {
          "name": "102972",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
        },
        {
          "name": "MDKSA-2006:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
        },
        {
          "name": "DSA-962",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
        },
        {
          "name": "RHSA-2006:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
        },
        {
          "name": "DSA-937",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-937"
        },
        {
          "name": "18398",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18398"
        },
        {
          "name": "FLSA-2006:176751",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
        },
        {
          "name": "2006-0002",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2006/0002/"
        },
        {
          "name": "SUSE-SA:2006:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
        },
        {
          "name": "DSA-936",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-936"
        },
        {
          "name": "FEDORA-2005-026",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
        },
        {
          "name": "18329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18329"
        },
        {
          "name": "18463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18463"
        },
        {
          "name": "18642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18642"
        },
        {
          "name": "18674",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18674"
        },
        {
          "name": "MDKSA-2006:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
        },
        {
          "name": "18313",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18313"
        },
        {
          "name": "20051201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
        },
        {
          "name": "20060101-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
        },
        {
          "name": "18448",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18448"
        },
        {
          "name": "18436",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18436"
        },
        {
          "name": "18428",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18428"
        },
        {
          "name": "xpdf-flatedecode-dos(24026)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
        },
        {
          "name": "18380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18380"
        },
        {
          "name": "18423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18423"
        },
        {
          "name": "18416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18416"
        },
        {
          "name": "RHSA-2006:0177",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
        },
        {
          "name": "ADV-2007-2280",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2280"
        },
        {
          "name": "GLSA-200601-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
        },
        {
          "name": "18335",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18335"
        },
        {
          "name": "18407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18407"
        },
        {
          "name": "18332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18332"
        },
        {
          "name": "18517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18517"
        },
        {
          "name": "18582",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18582"
        },
        {
          "name": "18534",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18534"
        },
        {
          "name": "SSA:2006-045-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
        },
        {
          "name": "18908",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18908"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
        },
        {
          "name": "25729",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25729"
        },
        {
          "name": "18414",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18414"
        },
        {
          "name": "MDKSA-2006:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
        },
        {
          "name": "18338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18338"
        },
        {
          "name": "MDKSA-2006:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
        },
        {
          "name": "20060201-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
        },
        {
          "name": "RHSA-2006:0160",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
        },
        {
          "name": "MDKSA-2006:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
        },
        {
          "name": "DSA-940",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-940"
        },
        {
          "name": "MDKSA-2006:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
        },
        {
          "name": "ADV-2006-0047",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0047"
        },
        {
          "name": "GLSA-200601-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
        },
        {
          "name": "18389",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18389"
        },
        {
          "name": "SSA:2006-045-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
        },
        {
          "name": "19377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19377"
        },
        {
          "name": "FEDORA-2005-025",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
        },
        {
          "name": "FLSA:175404",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
        },
        {
          "name": "DSA-961",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-961"
        },
        {
          "name": "18675",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18675"
        },
        {
          "name": "18913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18913"
        },
        {
          "name": "DSA-938",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-938"
        },
        {
          "name": "18334",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18334"
        },
        {
          "name": "18375",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18375"
        },
        {
          "name": "DSA-950",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-950"
        },
        {
          "name": "18387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18387"
        },
        {
          "name": "MDKSA-2006:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
        },
        {
          "name": "18385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18385"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3626",
    "datePublished": "2006-01-06T22:00:00",
    "dateReserved": "2005-11-16T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0178

Vulnerability from cvelistv5

Published

2001-05-07 04:00

Modified

2024-08-08 04:14

Severity ?

Summary

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

References

▼	URL	Tags
	http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html	vendor-advisory, x_refsource_SUSE
	http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt	vendor-advisory, x_refsource_CALDERA
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5995	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:14:06.573Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SuSE-SA:2001:02",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html"
          },
          {
            "name": "CSSA-2001-005.0",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt"
          },
          {
            "name": "MDKSA-2001:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2"
          },
          {
            "name": "kde2-kdesu-retrieve-passwords(5995)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5995"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-01-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-02T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SuSE-SA:2001:02",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html"
        },
        {
          "name": "CSSA-2001-005.0",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt"
        },
        {
          "name": "MDKSA-2001:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2"
        },
        {
          "name": "kde2-kdesu-retrieve-passwords(5995)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5995"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0178",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SuSE-SA:2001:02",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html"
            },
            {
              "name": "CSSA-2001-005.0",
              "refsource": "CALDERA",
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt"
            },
            {
              "name": "MDKSA-2001:018",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2"
            },
            {
              "name": "kde2-kdesu-retrieve-passwords(5995)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5995"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0178",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2001-03-08T00:00:00",
    "dateUpdated": "2024-08-08T04:14:06.573Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0974

Vulnerability from cvelistv5

Published

2004-10-20 04:00

Modified

2024-08-08 00:38

Severity ?

Summary

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17583	vdb-entry, x_refsource_XF
	http://www.trustix.org/errata/2004/0050	vendor-advisory, x_refsource_TRUSTIX
	http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml	vendor-advisory, x_refsource_GENTOO

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:38:59.875Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "script-temporary-file-overwrite(17583)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
          },
          {
            "name": "2004-0050",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2004/0050"
          },
          {
            "name": "GLSA-200410-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "script-temporary-file-overwrite(17583)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
        },
        {
          "name": "2004-0050",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2004/0050"
        },
        {
          "name": "GLSA-200410-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0974",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "script-temporary-file-overwrite(17583)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583"
            },
            {
              "name": "2004-0050",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2004/0050"
            },
            {
              "name": "GLSA-200410-25",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-25.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0974",
    "datePublished": "2004-10-20T04:00:00",
    "dateReserved": "2004-10-19T00:00:00",
    "dateUpdated": "2024-08-08T00:38:59.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-0454

Vulnerability from cvelistv5

Published

2007-02-06 02:00

Modified

2024-08-07 12:19

Severity ?

Summary

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

References

▼	URL	Tags
	http://www.kb.cert.org/vuls/id/649732	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/advisories/24046	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24101	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/459365/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml	vendor-advisory, x_refsource_GENTOO
	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html	vendor-advisory, x_refsource_OPENPKG
	http://securitytracker.com/id?1017588	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/24151	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/0483	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/24021	third-party-advisory, x_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1005	x_refsource_CONFIRM
	http://us1.samba.org/samba/security/CVE-2007-0454.html	x_refsource_CONFIRM
	http://secunia.com/advisories/24067	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/33101	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/24145	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24060	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:034	vendor-advisory, x_refsource_MANDRIVA
	http://www.securityfocus.com/archive/1/459179/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.trustix.org/errata/2007/0007	vendor-advisory, x_refsource_TRUSTIX
	http://www.ubuntu.com/usn/usn-419-1	vendor-advisory, x_refsource_UBUNTU
	https://exchange.xforce.ibmcloud.com/vulnerabilities/32304	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/22403	vdb-entry, x_refsource_BID
	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916	vendor-advisory, x_refsource_SLACKWARE
	http://www.debian.org/security/2007/dsa-1257	vendor-advisory, x_refsource_DEBIAN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:19:30.137Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#649732",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/649732"
          },
          {
            "name": "24046",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24046"
          },
          {
            "name": "24101",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24101"
          },
          {
            "name": "20070207 rPSA-2007-0026-1 samba samba-swat",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded"
          },
          {
            "name": "GLSA-200702-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml"
          },
          {
            "name": "OpenPKG-SA-2007.012",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"
          },
          {
            "name": "1017588",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017588"
          },
          {
            "name": "24151",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24151"
          },
          {
            "name": "ADV-2007-0483",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0483"
          },
          {
            "name": "24021",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24021"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1005"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://us1.samba.org/samba/security/CVE-2007-0454.html"
          },
          {
            "name": "24067",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24067"
          },
          {
            "name": "33101",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/33101"
          },
          {
            "name": "24145",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24145"
          },
          {
            "name": "24060",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24060"
          },
          {
            "name": "MDKSA-2007:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:034"
          },
          {
            "name": "20070205 [SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/459179/100/0/threaded"
          },
          {
            "name": "2007-0007",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0007"
          },
          {
            "name": "USN-419-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-419-1"
          },
          {
            "name": "samba-afsacl-format-string(32304)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32304"
          },
          {
            "name": "22403",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22403"
          },
          {
            "name": "SSA:2007-038-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.476916"
          },
          {
            "name": "DSA-1257",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1257"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "VU#649732",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/649732"
        },
        {
          "name": "24046",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24046"
        },
        {
          "name": "24101",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24101"
        },
        {
          "name": "20070207 rPSA-2007-0026-1 samba samba-swat",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded"
        },
        {
          "name": "GLSA-200702-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200702-01.xml"
        },
        {
          "name": "OpenPKG-SA-2007.012",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html"
        },
        {
          "name": "1017588",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017588"
        },
        {
          "name": "24151",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24151"
        },
        {
          "name": "ADV-2007-0483",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0483"
        },
        {
          "name": "24021",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24021"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1005"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://us1.samba.org/samba/security/CVE-2007-0454.html"
        },
        {
          "name": "24067",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24067"
        },
        {
          "name": "33101",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/33101"
        },
        {
          "name": "24145",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24145"
        },
        {
          "name": "24060",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24060"
        },
        {
          "name": "MDKSA-2007:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:034"
        },
        {
          "name": "20070205 [SAMBA-SECURITY] CVE-2007-0454: Format string bug in afsacl.so VFS plugin",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/459179/100/0/threaded"
        },
        {
          "name": "2007-0007",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0007"
        },
        {
          "name": "USN-419-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-419-1"
        },
        {
          "name": "samba-afsacl-format-string(32304)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32304"
        },
        {
          "name": "22403",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22403"
        },
        {
          "name": "SSA:2007-038-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.476916"
        },
        {
          "name": "DSA-1257",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1257"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-0454",
    "datePublished": "2007-02-06T02:00:00",
    "dateReserved": "2007-01-23T00:00:00",
    "dateUpdated": "2024-08-07T12:19:30.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1351

Vulnerability from cvelistv5

Published

2007-04-06 01:00

Modified

2024-08-07 12:50

Severity ?

Summary

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2007-0150.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24745	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24921	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/33937	third-party-advisory, x_refsource_SECUNIA
	http://www.trustix.org/errata/2007/0013/	vendor-advisory, x_refsource_TRUSTIX
	http://secunia.com/advisories/24771	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200705-02.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/24889	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24770	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25006	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24756	third-party-advisory, x_refsource_SECUNIA
	http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=498954	x_refsource_CONFIRM
	http://secunia.com/advisories/25495	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24996	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/23283	vdb-entry, x_refsource_BID
	http://www.redhat.com/support/errata/RHSA-2007-0126.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/23300	vdb-entry, x_refsource_BID
	http://support.apple.com/kb/HT3438	x_refsource_CONFIRM
	http://security.gentoo.org/glsa/glsa-200705-10.xml	vendor-advisory, x_refsource_GENTOO
	http://www.ubuntu.com/usn/usn-448-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:080	vendor-advisory, x_refsource_MANDRIVA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.626733	vendor-advisory, x_refsource_SLACKWARE
	http://www.novell.com/linux/security/advisories/2007_6_sr.html	vendor-advisory, x_refsource_SUSE
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:081	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2008/dsa-1454	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/24758	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/1264	vdb-entry, x_refsource_VUPEN
	http://www.securitytracker.com/id?1017857	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/24885	third-party-advisory, x_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm	x_refsource_CONFIRM
	http://secunia.com/advisories/25096	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25195	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0125.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24741	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/24776	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28333	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/24768	third-party-advisory, x_refsource_SECUNIA
	http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/24791	third-party-advisory, x_refsource_SECUNIA
	http://www.novell.com/linux/security/advisories/2007_27_x.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/30161	third-party-advisory, x_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml	vendor-advisory, x_refsource_GENTOO
	http://sourceforge.net/project/shownotes.php?release_id=498954	x_refsource_CONFIRM
	http://www.debian.org/security/2007/dsa-1294	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/24765	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25216	third-party-advisory, x_refsource_SECUNIA
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/archive/1/464686/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/464816/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/1548	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/33417	vdb-entry, x_refsource_XF
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1	vendor-advisory, x_refsource_SUNALERT
	http://www.vupen.com/english/advisories/2007/1217	vdb-entry, x_refsource_VUPEN
	http://www.openbsd.org/errata40.html#011_xorg	vendor-advisory, x_refsource_OPENBSD
	https://issues.rpath.com/browse/RPL-1213	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/23402	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/25004	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25305	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2007-0132.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24772	third-party-advisory, x_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm	x_refsource_CONFIRM
	http://www.openbsd.org/errata39.html#021_xorg	vendor-advisory, x_refsource_OPENBSD
	http://issues.foresightlinux.org/browse/FL-223	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:079	vendor-advisory, x_refsource_MANDRIVA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:50:35.134Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2007:0150",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
          },
          {
            "name": "24745",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24745"
          },
          {
            "name": "24921",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24921"
          },
          {
            "name": "oval:org.mitre.oval:def:1810",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
          },
          {
            "name": "33937",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33937"
          },
          {
            "name": "2007-0013",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0013/"
          },
          {
            "name": "24771",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24771"
          },
          {
            "name": "GLSA-200705-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
          },
          {
            "name": "24889",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24889"
          },
          {
            "name": "24770",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24770"
          },
          {
            "name": "25006",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25006"
          },
          {
            "name": "24756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24756"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
          },
          {
            "name": "25495",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25495"
          },
          {
            "name": "24996",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24996"
          },
          {
            "name": "23283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23283"
          },
          {
            "name": "RHSA-2007:0126",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
          },
          {
            "name": "23300",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23300"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3438"
          },
          {
            "name": "GLSA-200705-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
          },
          {
            "name": "USN-448-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-448-1"
          },
          {
            "name": "APPLE-SA-2009-02-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
          },
          {
            "name": "MDKSA-2007:080",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
          },
          {
            "name": "SSA:2007-109-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
          },
          {
            "name": "SUSE-SR:2007:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
          },
          {
            "name": "MDKSA-2007:081",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
          },
          {
            "name": "DSA-1454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1454"
          },
          {
            "name": "24758",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24758"
          },
          {
            "name": "ADV-2007-1264",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1264"
          },
          {
            "name": "1017857",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017857"
          },
          {
            "name": "24885",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24885"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
          },
          {
            "name": "25096",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25096"
          },
          {
            "name": "25195",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25195"
          },
          {
            "name": "RHSA-2007:0125",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
          },
          {
            "name": "24741",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24741"
          },
          {
            "name": "APPLE-SA-2007-11-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
          },
          {
            "name": "24776",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24776"
          },
          {
            "name": "28333",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28333"
          },
          {
            "name": "24768",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24768"
          },
          {
            "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
          },
          {
            "name": "24791",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24791"
          },
          {
            "name": "SUSE-SA:2007:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
          },
          {
            "name": "30161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "name": "GLSA-200805-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
          },
          {
            "name": "DSA-1294",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1294"
          },
          {
            "name": "24765",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24765"
          },
          {
            "name": "25216",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25216"
          },
          {
            "name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
          },
          {
            "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
          },
          {
            "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
          },
          {
            "name": "ADV-2007-1548",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1548"
          },
          {
            "name": "xorg-bdf-font-bo(33417)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
          },
          {
            "name": "102886",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
          },
          {
            "name": "ADV-2007-1217",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1217"
          },
          {
            "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata40.html#011_xorg"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1213"
          },
          {
            "name": "23402",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23402"
          },
          {
            "name": "25004",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25004"
          },
          {
            "name": "25305",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25305"
          },
          {
            "name": "oval:org.mitre.oval:def:11266",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
          },
          {
            "name": "RHSA-2007:0132",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
          },
          {
            "name": "24772",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24772"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
          },
          {
            "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENBSD",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata39.html#021_xorg"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://issues.foresightlinux.org/browse/FL-223"
          },
          {
            "name": "MDKSA-2007:079",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2007:0150",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
        },
        {
          "name": "24745",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24745"
        },
        {
          "name": "24921",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24921"
        },
        {
          "name": "oval:org.mitre.oval:def:1810",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
        },
        {
          "name": "33937",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33937"
        },
        {
          "name": "2007-0013",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0013/"
        },
        {
          "name": "24771",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24771"
        },
        {
          "name": "GLSA-200705-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
        },
        {
          "name": "24889",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24889"
        },
        {
          "name": "24770",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24770"
        },
        {
          "name": "25006",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25006"
        },
        {
          "name": "24756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24756"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
        },
        {
          "name": "25495",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25495"
        },
        {
          "name": "24996",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24996"
        },
        {
          "name": "23283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23283"
        },
        {
          "name": "RHSA-2007:0126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
        },
        {
          "name": "23300",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23300"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3438"
        },
        {
          "name": "GLSA-200705-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
        },
        {
          "name": "USN-448-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-448-1"
        },
        {
          "name": "APPLE-SA-2009-02-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
        },
        {
          "name": "MDKSA-2007:080",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
        },
        {
          "name": "SSA:2007-109-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
        },
        {
          "name": "SUSE-SR:2007:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
        },
        {
          "name": "MDKSA-2007:081",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
        },
        {
          "name": "DSA-1454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1454"
        },
        {
          "name": "24758",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24758"
        },
        {
          "name": "ADV-2007-1264",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1264"
        },
        {
          "name": "1017857",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017857"
        },
        {
          "name": "24885",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24885"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
        },
        {
          "name": "25096",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25096"
        },
        {
          "name": "25195",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25195"
        },
        {
          "name": "RHSA-2007:0125",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
        },
        {
          "name": "24741",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24741"
        },
        {
          "name": "APPLE-SA-2007-11-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
        },
        {
          "name": "24776",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24776"
        },
        {
          "name": "28333",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28333"
        },
        {
          "name": "24768",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24768"
        },
        {
          "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
        },
        {
          "name": "24791",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24791"
        },
        {
          "name": "SUSE-SA:2007:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
        },
        {
          "name": "30161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30161"
        },
        {
          "name": "GLSA-200805-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
        },
        {
          "name": "DSA-1294",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1294"
        },
        {
          "name": "24765",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24765"
        },
        {
          "name": "25216",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25216"
        },
        {
          "name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
        },
        {
          "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
        },
        {
          "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
        },
        {
          "name": "ADV-2007-1548",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1548"
        },
        {
          "name": "xorg-bdf-font-bo(33417)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
        },
        {
          "name": "102886",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
        },
        {
          "name": "ADV-2007-1217",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1217"
        },
        {
          "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata40.html#011_xorg"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1213"
        },
        {
          "name": "23402",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23402"
        },
        {
          "name": "25004",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25004"
        },
        {
          "name": "25305",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25305"
        },
        {
          "name": "oval:org.mitre.oval:def:11266",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
        },
        {
          "name": "RHSA-2007:0132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
        },
        {
          "name": "24772",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24772"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
        },
        {
          "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENBSD"
          ],
          "url": "http://www.openbsd.org/errata39.html#021_xorg"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://issues.foresightlinux.org/browse/FL-223"
        },
        {
          "name": "MDKSA-2007:079",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-1351",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2007:0150",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
            },
            {
              "name": "24745",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24745"
            },
            {
              "name": "24921",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24921"
            },
            {
              "name": "oval:org.mitre.oval:def:1810",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
            },
            {
              "name": "33937",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33937"
            },
            {
              "name": "2007-0013",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2007/0013/"
            },
            {
              "name": "24771",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24771"
            },
            {
              "name": "GLSA-200705-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
            },
            {
              "name": "24889",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24889"
            },
            {
              "name": "24770",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24770"
            },
            {
              "name": "25006",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25006"
            },
            {
              "name": "24756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24756"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
            },
            {
              "name": "25495",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25495"
            },
            {
              "name": "24996",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24996"
            },
            {
              "name": "23283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23283"
            },
            {
              "name": "RHSA-2007:0126",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
            },
            {
              "name": "23300",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23300"
            },
            {
              "name": "http://support.apple.com/kb/HT3438",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3438"
            },
            {
              "name": "GLSA-200705-10",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
            },
            {
              "name": "USN-448-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-448-1"
            },
            {
              "name": "APPLE-SA-2009-02-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
            },
            {
              "name": "MDKSA-2007:080",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
            },
            {
              "name": "SSA:2007-109-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
            },
            {
              "name": "SUSE-SR:2007:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
            },
            {
              "name": "MDKSA-2007:081",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
            },
            {
              "name": "DSA-1454",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1454"
            },
            {
              "name": "24758",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24758"
            },
            {
              "name": "ADV-2007-1264",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1264"
            },
            {
              "name": "1017857",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017857"
            },
            {
              "name": "24885",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24885"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
            },
            {
              "name": "25096",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25096"
            },
            {
              "name": "25195",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25195"
            },
            {
              "name": "RHSA-2007:0125",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
            },
            {
              "name": "24741",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24741"
            },
            {
              "name": "APPLE-SA-2007-11-14",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
            },
            {
              "name": "24776",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24776"
            },
            {
              "name": "28333",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28333"
            },
            {
              "name": "24768",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24768"
            },
            {
              "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
              "refsource": "MLIST",
              "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
            },
            {
              "name": "24791",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24791"
            },
            {
              "name": "SUSE-SA:2007:027",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
            },
            {
              "name": "30161",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30161"
            },
            {
              "name": "GLSA-200805-07",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?release_id=498954",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
            },
            {
              "name": "DSA-1294",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1294"
            },
            {
              "name": "24765",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24765"
            },
            {
              "name": "25216",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25216"
            },
            {
              "name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
            },
            {
              "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
            },
            {
              "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
            },
            {
              "name": "ADV-2007-1548",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1548"
            },
            {
              "name": "xorg-bdf-font-bo(33417)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
            },
            {
              "name": "102886",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
            },
            {
              "name": "ADV-2007-1217",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1217"
            },
            {
              "name": "[4.0] 011: SECURITY FIX: April 4, 2007",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata40.html#011_xorg"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1213",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1213"
            },
            {
              "name": "23402",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23402"
            },
            {
              "name": "25004",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25004"
            },
            {
              "name": "25305",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25305"
            },
            {
              "name": "oval:org.mitre.oval:def:11266",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
            },
            {
              "name": "RHSA-2007:0132",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
            },
            {
              "name": "24772",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24772"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
            },
            {
              "name": "[3.9] 021: SECURITY FIX: April 4, 2007",
              "refsource": "OPENBSD",
              "url": "http://www.openbsd.org/errata39.html#021_xorg"
            },
            {
              "name": "http://issues.foresightlinux.org/browse/FL-223",
              "refsource": "CONFIRM",
              "url": "http://issues.foresightlinux.org/browse/FL-223"
            },
            {
              "name": "MDKSA-2007:079",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-1351",
    "datePublished": "2007-04-06T01:00:00",
    "dateReserved": "2007-03-08T00:00:00",
    "dateUpdated": "2024-08-07T12:50:35.134Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0138

Vulnerability from cvelistv5

Published

2001-05-07 04:00

Modified

2024-08-08 04:06

Severity ?

Summary

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=97916374410647&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/2189	vdb-entry, x_refsource_BID
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5915	vdb-entry, x_refsource_XF
	http://www.debian.org/security/2001/dsa-016	vendor-advisory, x_refsource_DEBIAN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:06:55.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20010110 Immunix OS Security update for lots of temp file problems",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
          },
          {
            "name": "2189",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/2189"
          },
          {
            "name": "MDKSA-2001-001",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3"
          },
          {
            "name": "linux-wuftpd-privatepw-symlink(5915)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915"
          },
          {
            "name": "DSA-016",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2001/dsa-016"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-05-21T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20010110 Immunix OS Security update for lots of temp file problems",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
        },
        {
          "name": "2189",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/2189"
        },
        {
          "name": "MDKSA-2001-001",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3"
        },
        {
          "name": "linux-wuftpd-privatepw-symlink(5915)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915"
        },
        {
          "name": "DSA-016",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2001/dsa-016"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20010110 Immunix OS Security update for lots of temp file problems",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
            },
            {
              "name": "2189",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/2189"
            },
            {
              "name": "MDKSA-2001-001",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3"
            },
            {
              "name": "linux-wuftpd-privatepw-symlink(5915)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915"
            },
            {
              "name": "DSA-016",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2001/dsa-016"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0138",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2001-02-06T00:00:00",
    "dateUpdated": "2024-08-08T04:06:55.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1449

Vulnerability from cvelistv5

Published

2005-04-21 04:00

Modified

2024-08-08 04:58

Severity ?

Summary

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/8029	vdb-entry, x_refsource_XF
	http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2	vendor-advisory, x_refsource_MANDRAKE
	http://www.kb.cert.org/vuls/id/913704	third-party-advisory, x_refsource_CERT-VN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:58:11.321Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "mandrake-apache-browse-directories(8029)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8029"
          },
          {
            "name": "MDKSA-2001:077",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2"
          },
          {
            "name": "VU#913704",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/913704"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-11-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "mandrake-apache-browse-directories(8029)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8029"
        },
        {
          "name": "MDKSA-2001:077",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2"
        },
        {
          "name": "VU#913704",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/913704"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1449",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "mandrake-apache-browse-directories(8029)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8029"
            },
            {
              "name": "MDKSA-2001:077",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2001:077-2"
            },
            {
              "name": "VU#913704",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/913704"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1449",
    "datePublished": "2005-04-21T04:00:00",
    "dateReserved": "2005-04-21T00:00:00",
    "dateUpdated": "2024-08-08T04:58:11.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0605

Vulnerability from cvelistv5

Published

2005-03-04 05:00

Modified

2024-08-07 21:21

Severity ?

Summary

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2005-331.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2005-412.html	vendor-advisory, x_refsource_REDHAT
	http://securitytracker.com/id?1013339	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/18049	third-party-advisory, x_refsource_SECUNIA
	ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U	vendor-advisory, x_refsource_SGI
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt	vendor-advisory, x_refsource_SCO
	http://bugs.gentoo.org/show_bug.cgi?id=83598	x_refsource_CONFIRM
	http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml	vendor-advisory, x_refsource_GENTOO
	http://www.debian.org/security/2005/dsa-723	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/19624	third-party-advisory, x_refsource_SECUNIA
	https://bugs.freedesktop.org/attachment.cgi?id=1909	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/18316	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/14460	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2005-198.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html	vendor-advisory, x_refsource_FEDORA
	http://www.redhat.com/support/errata/RHSA-2005-044.html	vendor-advisory, x_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-200503-08.xml	vendor-advisory, x_refsource_GENTOO
	http://www.securityfocus.com/bid/12714	vdb-entry, x_refsource_BID
	http://www.redhat.com/support/errata/RHSA-2008-0261.html	vendor-advisory, x_refsource_REDHAT
	http://bugs.gentoo.org/show_bug.cgi?id=83655	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2005-473.html	vendor-advisory, x_refsource_REDHAT
	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html	vendor-advisory, x_refsource_APPLE
	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt	vendor-advisory, x_refsource_SCO
	https://usn.ubuntu.com/97-1/	vendor-advisory, x_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411	vdb-entry, signature, x_refsource_OVAL
	https://usn.ubuntu.com/92-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:21:06.249Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2005:331",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
          },
          {
            "name": "RHSA-2005:412",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
          },
          {
            "name": "1013339",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013339"
          },
          {
            "name": "18049",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18049"
          },
          {
            "name": "20060403-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
          },
          {
            "name": "SCOSA-2006.5",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
          },
          {
            "name": "GLSA-200503-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
          },
          {
            "name": "DSA-723",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-723"
          },
          {
            "name": "19624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19624"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
          },
          {
            "name": "APPLE-SA-2005-08-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
          },
          {
            "name": "18316",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18316"
          },
          {
            "name": "14460",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14460"
          },
          {
            "name": "RHSA-2005:198",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
          },
          {
            "name": "FLSA-2006:152803",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
          },
          {
            "name": "RHSA-2005:044",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
          },
          {
            "name": "GLSA-200503-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
          },
          {
            "name": "12714",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12714"
          },
          {
            "name": "RHSA-2008:0261",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
          },
          {
            "name": "RHSA-2005:473",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
          },
          {
            "name": "APPLE-SA-2005-08-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
          },
          {
            "name": "SCOSA-2005.57",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
          },
          {
            "name": "USN-97-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/97-1/"
          },
          {
            "name": "oval:org.mitre.oval:def:10411",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
          },
          {
            "name": "USN-92-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/92-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2005:331",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
        },
        {
          "name": "RHSA-2005:412",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
        },
        {
          "name": "1013339",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013339"
        },
        {
          "name": "18049",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18049"
        },
        {
          "name": "20060403-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
        },
        {
          "name": "SCOSA-2006.5",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
        },
        {
          "name": "GLSA-200503-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
        },
        {
          "name": "DSA-723",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-723"
        },
        {
          "name": "19624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19624"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
        },
        {
          "name": "APPLE-SA-2005-08-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
        },
        {
          "name": "18316",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18316"
        },
        {
          "name": "14460",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14460"
        },
        {
          "name": "RHSA-2005:198",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
        },
        {
          "name": "FLSA-2006:152803",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
        },
        {
          "name": "RHSA-2005:044",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
        },
        {
          "name": "GLSA-200503-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
        },
        {
          "name": "12714",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12714"
        },
        {
          "name": "RHSA-2008:0261",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
        },
        {
          "name": "RHSA-2005:473",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
        },
        {
          "name": "APPLE-SA-2005-08-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
        },
        {
          "name": "SCOSA-2005.57",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
        },
        {
          "name": "USN-97-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/97-1/"
        },
        {
          "name": "oval:org.mitre.oval:def:10411",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
        },
        {
          "name": "USN-92-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/92-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0605",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2005:331",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html"
            },
            {
              "name": "RHSA-2005:412",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html"
            },
            {
              "name": "1013339",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1013339"
            },
            {
              "name": "18049",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18049"
            },
            {
              "name": "20060403-01-U",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U"
            },
            {
              "name": "SCOSA-2006.5",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=83598",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598"
            },
            {
              "name": "GLSA-200503-15",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml"
            },
            {
              "name": "DSA-723",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-723"
            },
            {
              "name": "19624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19624"
            },
            {
              "name": "https://bugs.freedesktop.org/attachment.cgi?id=1909",
              "refsource": "CONFIRM",
              "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909"
            },
            {
              "name": "APPLE-SA-2005-08-15",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
            },
            {
              "name": "18316",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18316"
            },
            {
              "name": "14460",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14460"
            },
            {
              "name": "RHSA-2005:198",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html"
            },
            {
              "name": "FLSA-2006:152803",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html"
            },
            {
              "name": "RHSA-2005:044",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html"
            },
            {
              "name": "GLSA-200503-08",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml"
            },
            {
              "name": "12714",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12714"
            },
            {
              "name": "RHSA-2008:0261",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=83655",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655"
            },
            {
              "name": "RHSA-2005:473",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html"
            },
            {
              "name": "APPLE-SA-2005-08-17",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
            },
            {
              "name": "SCOSA-2005.57",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt"
            },
            {
              "name": "USN-97-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/97-1/"
            },
            {
              "name": "oval:org.mitre.oval:def:10411",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411"
            },
            {
              "name": "USN-92-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/92-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0605",
    "datePublished": "2005-03-04T05:00:00",
    "dateReserved": "2005-03-01T00:00:00",
    "dateUpdated": "2024-08-07T21:21:06.249Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0581

Vulnerability from cvelistv5

Published

2004-06-23 04:00

Modified

2024-08-08 00:24

Severity ?

Summary

ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/10516	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16392	vdb-entry, x_refsource_XF
	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060	vendor-advisory, x_refsource_MANDRAKE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:26.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10516",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10516"
          },
          {
            "name": "ksymoops-symlink(16392)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16392"
          },
          {
            "name": "MDKSA-2004:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-06-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10516",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10516"
        },
        {
          "name": "ksymoops-symlink(16392)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16392"
        },
        {
          "name": "MDKSA-2004:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0581",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10516",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10516"
            },
            {
              "name": "ksymoops-symlink(16392)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16392"
            },
            {
              "name": "MDKSA-2004:060",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0581",
    "datePublished": "2004-06-23T04:00:00",
    "dateReserved": "2004-06-18T00:00:00",
    "dateUpdated": "2024-08-08T00:24:26.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0559

Vulnerability from cvelistv5

Published

2004-09-24 04:00

Modified

2024-08-08 00:24

Severity ?

Summary

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

References

▼	URL	Tags
	http://www.webmin.com/uchanges-1.089.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/11153	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/12488/	third-party-advisory, x_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml	vendor-advisory, x_refsource_GENTOO
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17299	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:24:25.802Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.webmin.com/uchanges-1.089.html"
          },
          {
            "name": "11153",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11153"
          },
          {
            "name": "12488",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12488/"
          },
          {
            "name": "GLSA-200409-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml"
          },
          {
            "name": "usermin-installation-unspecified(17299)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17299"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.webmin.com/uchanges-1.089.html"
        },
        {
          "name": "11153",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11153"
        },
        {
          "name": "12488",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12488/"
        },
        {
          "name": "GLSA-200409-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml"
        },
        {
          "name": "usermin-installation-unspecified(17299)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17299"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0559",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.webmin.com/uchanges-1.089.html",
              "refsource": "CONFIRM",
              "url": "http://www.webmin.com/uchanges-1.089.html"
            },
            {
              "name": "11153",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11153"
            },
            {
              "name": "12488",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12488/"
            },
            {
              "name": "GLSA-200409-15",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml"
            },
            {
              "name": "usermin-installation-unspecified(17299)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17299"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0559",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-06-14T00:00:00",
    "dateUpdated": "2024-08-08T00:24:25.802Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1098

Vulnerability from cvelistv5

Published

2004-12-01 05:00

Modified

2024-08-08 00:39

Severity ?

Summary

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

References

▼	URL	Tags
	http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html	mailing-list, x_refsource_MLIST
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:123	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17940	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/11563	vdb-entry, x_refsource_BID
	http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml	vendor-advisory, x_refsource_GENTOO

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.906Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20041026 [Mimedefang] SECURITY: Patch for MIME-tools",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html"
          },
          {
            "name": "MDKSA-2004:123",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:123"
          },
          {
            "name": "mimetools-boundary-virus-bypass(17940)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17940"
          },
          {
            "name": "11563",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11563"
          },
          {
            "name": "GLSA-200411-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-10-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20041026 [Mimedefang] SECURITY: Patch for MIME-tools",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html"
        },
        {
          "name": "MDKSA-2004:123",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:123"
        },
        {
          "name": "mimetools-boundary-virus-bypass(17940)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17940"
        },
        {
          "name": "11563",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11563"
        },
        {
          "name": "GLSA-200411-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1098",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20041026 [Mimedefang] SECURITY: Patch for MIME-tools",
              "refsource": "MLIST",
              "url": "http://lists.roaringpenguin.com/pipermail/mimedefang/2004-October/024959.html"
            },
            {
              "name": "MDKSA-2004:123",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:123"
            },
            {
              "name": "mimetools-boundary-virus-bypass(17940)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17940"
            },
            {
              "name": "11563",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11563"
            },
            {
              "name": "GLSA-200411-06",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-06.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1098",
    "datePublished": "2004-12-01T05:00:00",
    "dateReserved": "2004-11-30T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.906Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0802

Vulnerability from cvelistv5

Published

2004-09-24 04:00

Modified

2024-08-08 00:31

Severity ?

Summary

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

References

▼	URL	Tags
	http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup	x_refsource_MISC
	http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1	vendor-advisory, x_refsource_SUNALERT
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870	vendor-advisory, x_refsource_CONECTIVA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17183	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/11084	vdb-entry, x_refsource_BID
	http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089	vendor-advisory, x_refsource_MANDRAKE
	http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml	vendor-advisory, x_refsource_GENTOO

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.483Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
          },
          {
            "name": "201611",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
          },
          {
            "name": "CLA-2004:870",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
          },
          {
            "name": "imlib2-bmp-bo(17183)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
          },
          {
            "name": "11084",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11084"
          },
          {
            "name": "MDKSA-2004:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
          },
          {
            "name": "GLSA-200409-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
        },
        {
          "name": "201611",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
        },
        {
          "name": "CLA-2004:870",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
        },
        {
          "name": "imlib2-bmp-bo(17183)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
        },
        {
          "name": "11084",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11084"
        },
        {
          "name": "MDKSA-2004:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
        },
        {
          "name": "GLSA-200409-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0802",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup",
              "refsource": "MISC",
              "url": "http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20\u0026view=markup"
            },
            {
              "name": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html",
              "refsource": "CONFIRM",
              "url": "http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html"
            },
            {
              "name": "201611",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
            },
            {
              "name": "CLA-2004:870",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
            },
            {
              "name": "imlib2-bmp-bo(17183)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17183"
            },
            {
              "name": "11084",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11084"
            },
            {
              "name": "MDKSA-2004:089",
              "refsource": "MANDRAKE",
              "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089"
            },
            {
              "name": "GLSA-200409-12",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0802",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-08-25T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.483Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-2395

Vulnerability from cvelistv5

Published

2005-08-17 04:00

Modified

2024-08-08 01:22

Severity ?

Summary

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/10370	vdb-entry, x_refsource_BID
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:045	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16180	vdb-entry, x_refsource_XF
	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:22:13.698Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10370",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10370"
          },
          {
            "name": "MDKSA-2004:045",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
          },
          {
            "name": "passwd-memory-leak(16180)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16180"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10370",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10370"
        },
        {
          "name": "MDKSA-2004:045",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
        },
        {
          "name": "passwd-memory-leak(16180)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16180"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2395",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10370",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10370"
            },
            {
              "name": "MDKSA-2004:045",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:045"
            },
            {
              "name": "passwd-memory-leak(16180)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16180"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060",
              "refsource": "MISC",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2395",
    "datePublished": "2005-08-17T04:00:00",
    "dateReserved": "2005-08-17T00:00:00",
    "dateUpdated": "2024-08-08T01:22:13.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0169

Vulnerability from cvelistv5

Published

2001-05-07 04:00

Modified

2024-08-08 04:06

Severity ?

Summary

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

References

▼	URL	Tags
	http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2001/dsa-039	vendor-advisory, x_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5971	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/2223	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/157650	mailing-list, x_refsource_BUGTRAQ
	http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2	vendor-advisory, x_refsource_MANDRAKE
	http://www.redhat.com/support/errata/RHSA-2001-002.html	vendor-advisory, x_refsource_REDHAT
	http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html	vendor-advisory, x_refsource_TURBO
	http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt	vendor-advisory, x_refsource_CALDERA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:06:55.519Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SuSE-SA:2001:01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html"
          },
          {
            "name": "DSA-039",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2001/dsa-039"
          },
          {
            "name": "linux-glibc-preload-overwrite(5971)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971"
          },
          {
            "name": "2223",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/2223"
          },
          {
            "name": "20010121 Trustix Security Advisory - glibc",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/157650"
          },
          {
            "name": "MDKSA-2001:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2"
          },
          {
            "name": "RHSA-2001:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html"
          },
          {
            "name": "TLSA2000021-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html"
          },
          {
            "name": "CSSA-2001-007",
            "tags": [
              "vendor-advisory",
              "x_refsource_CALDERA",
              "x_transferred"
            ],
            "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-09-02T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SuSE-SA:2001:01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html"
        },
        {
          "name": "DSA-039",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2001/dsa-039"
        },
        {
          "name": "linux-glibc-preload-overwrite(5971)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971"
        },
        {
          "name": "2223",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/2223"
        },
        {
          "name": "20010121 Trustix Security Advisory - glibc",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/157650"
        },
        {
          "name": "MDKSA-2001:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2"
        },
        {
          "name": "RHSA-2001:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html"
        },
        {
          "name": "TLSA2000021-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html"
        },
        {
          "name": "CSSA-2001-007",
          "tags": [
            "vendor-advisory",
            "x_refsource_CALDERA"
          ],
          "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0169",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SuSE-SA:2001:01",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html"
            },
            {
              "name": "DSA-039",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2001/dsa-039"
            },
            {
              "name": "linux-glibc-preload-overwrite(5971)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971"
            },
            {
              "name": "2223",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/2223"
            },
            {
              "name": "20010121 Trustix Security Advisory - glibc",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/157650"
            },
            {
              "name": "MDKSA-2001:012",
              "refsource": "MANDRAKE",
              "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2"
            },
            {
              "name": "RHSA-2001:002",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html"
            },
            {
              "name": "TLSA2000021-2",
              "refsource": "TURBO",
              "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html"
            },
            {
              "name": "CSSA-2001-007",
              "refsource": "CALDERA",
              "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0169",
    "datePublished": "2001-05-07T04:00:00",
    "dateReserved": "2001-03-08T00:00:00",
    "dateUpdated": "2024-08-08T04:06:55.519Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0817

Vulnerability from cvelistv5

Published

2004-09-17 04:00

Modified

2024-08-08 00:31

Severity ?

Summary

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

References

▼	URL	Tags
	http://www.redhat.com/support/errata/RHSA-2004-465.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2004/dsa-548	vendor-advisory, x_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=MDKSA-2004:089	vendor-advisory, x_refsource_MANDRAKE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17182	vdb-entry, x_refsource_XF
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1	vendor-advisory, x_refsource_SUNALERT
	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870	vendor-advisory, x_refsource_CONECTIVA
	http://www.securityfocus.com/bid/11084	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843	vdb-entry, signature, x_refsource_OVAL
	http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml	vendor-advisory, x_refsource_GENTOO

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.476Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2004:465",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
          },
          {
            "name": "DSA-548",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-548"
          },
          {
            "name": "MDKSA-2004:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
          },
          {
            "name": "imlib-bmp-bo(17182)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
          },
          {
            "name": "201611",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
          },
          {
            "name": "CLA-2004:870",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
          },
          {
            "name": "11084",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11084"
          },
          {
            "name": "oval:org.mitre.oval:def:8843",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
          },
          {
            "name": "GLSA-200409-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2004:465",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
        },
        {
          "name": "DSA-548",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-548"
        },
        {
          "name": "MDKSA-2004:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
        },
        {
          "name": "imlib-bmp-bo(17182)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
        },
        {
          "name": "201611",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
        },
        {
          "name": "CLA-2004:870",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
        },
        {
          "name": "11084",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11084"
        },
        {
          "name": "oval:org.mitre.oval:def:8843",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
        },
        {
          "name": "GLSA-200409-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0817",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2004:465",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-465.html"
            },
            {
              "name": "DSA-548",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-548"
            },
            {
              "name": "MDKSA-2004:089",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:089"
            },
            {
              "name": "imlib-bmp-bo(17182)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17182"
            },
            {
              "name": "201611",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1"
            },
            {
              "name": "CLA-2004:870",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000870"
            },
            {
              "name": "11084",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11084"
            },
            {
              "name": "oval:org.mitre.oval:def:8843",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843"
            },
            {
              "name": "GLSA-200409-12",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0817",
    "datePublished": "2004-09-17T04:00:00",
    "dateReserved": "2004-08-25T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to mandrakesoft - mandrake_linux_corporate_server

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5