Search criteria
196 vulnerabilities found for ubuntu_linux by ubuntu
FKIE_CVE-2010-0834
Vulnerability from fkie_nvd - Published: 2010-08-10 12:23 - Updated: 2025-04-11 00:51
Severity ?
Summary
The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ubuntu | ubuntu_linux | 9.10 | |
| ubuntu | ubuntu_linux | 10.04 | |
| dell | latitude_2110_netbook | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9BF8A-AD42-401F-A8CA-486B6DCD47BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "3976D70F-3D30-4EFF-9777-C687B293606B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:latitude_2110_netbook:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30DE3567-65F0-431D-B12A-B2764BA313FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package."
},
{
"lang": "es",
"value": "El paquete base-files anterior a v5.0.0ubuntu7.1 en Ubuntu v9.10 y anterior a v5.0.0ubuntu20.10.04.2 en Ubuntu v10.04 LTS, como los incluidos en port\u00e1tiles Dell Latitude 2110, no necesitan autenticaci\u00f3n para la instalaci\u00f3n de paquetes, lo que permite a atacantes con servidores de archivos remotos y \"man-in-the-middle\" (intermediario) ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de paquetes manipulados."
}
],
"id": "CVE-2010-0834",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-08-10T12:23:05.850",
"references": [
{
"source": "security@ubuntu.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40889"
},
{
"source": "security@ubuntu.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/42280"
},
{
"source": "security@ubuntu.com",
"url": "http://www.ubuntu.com/usn/usn-968-1"
},
{
"source": "security@ubuntu.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/42280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-968-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2015"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0365
Vulnerability from fkie_nvd - Published: 2009-03-05 02:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ubuntu | ubuntu_linux | 6.06 | |
| ubuntu | ubuntu_linux | 7.10 | |
| ubuntu | ubuntu_linux | 8.04 | |
| ubuntu | ubuntu_linux | 8.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06:-:lts:*:*:*:*:*",
"matchCriteriaId": "678EC327-EAC6-4923-9987-A9B78111B5C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "06FD8602-7069-41C6-B65C-84928EDCE2D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:8.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "12DD761F-EA6F-4139-94ED-94EBC0F6A87D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED67B852-4B37-4B79-8F4D-23B2FEACA4ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler."
},
{
"lang": "es",
"value": "El manipulador de peticiones dbus en (1) network-manager-applet y (2) NetworkManager en Ubuntu v6.06 LTS, v7.10, v8.04 LTS, and v8.10 no verifica adecuadamente los privilegios, lo que permite a usuarios locales descubrir (a)las contrase\u00f1as de la conexi\u00f3n de red y (b)Las claves pre-compartidas a trav\u00e9s de peticiones sin especificar."
}
],
"id": "CVE-2009-0365",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-05T02:30:00.313",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34067"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34177"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34473"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021910"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021911"
},
{
"source": "cve@mitre.org",
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"source": "cve@mitre.org",
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021908"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0578
Vulnerability from fkie_nvd - Published: 2009-03-05 02:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ubuntu | ubuntu_linux | 8.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "ED67B852-4B37-4B79-8F4D-23B2FEACA4ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console."
},
{
"lang": "es",
"value": "network-manager-applet en Ubuntu 8.10 no verifica adecuadamente los privilegios para las peticiones dbus(1) \"modify\" y (2) \"delete\", lo que permite a usuarios locales modificar o eliminar las conexiones de red de usuarios de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2009-0578",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-05T02:30:00.343",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/34067"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/34473"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/33966"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1021909"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-5365
Vulnerability from fkie_nvd - Published: 2007-10-11 10:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16C117F3-3684-4683-9F9E-CEDD5B88F9CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF8DD37-A337-4E9D-A34E-C2D561A24285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*",
"matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*",
"matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_01:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7317C4A1-1365-40DD-A86F-808B64863750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_01:*:x86:*:*:*:*:*",
"matchCriteriaId": "7188371F-AE6E-437D-8F75-DE7049A51000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_02:*:sparc:*:*:*:*:*",
"matchCriteriaId": "79D94087-1308-408F-8C73-600B73AD958F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_02:*:x86:*:*:*:*:*",
"matchCriteriaId": "015968E1-B81E-4242-B4DF-94716179053B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_03:*:sparc:*:*:*:*:*",
"matchCriteriaId": "DA468ACC-9AE2-4EF6-9B09-CF63092021D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_03:*:x86:*:*:*:*:*",
"matchCriteriaId": "92262770-06B3-4B68-8DBE-AB6C61135F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_04:*:sparc:*:*:*:*:*",
"matchCriteriaId": "16719C48-5A35-4FEC-BE5F-3EA10A0357CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_04:*:x86:*:*:*:*:*",
"matchCriteriaId": "C4DC58C1-792B-433D-A27B-5731C8414EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_05:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5F87D3D5-0D3F-44BB-B15B-BB6D903A56E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_05:*:x86:*:*:*:*:*",
"matchCriteriaId": "4AC63928-38F2-4677-8CBC-2F7DE0EF078F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_06:*:sparc:*:*:*:*:*",
"matchCriteriaId": "438EA608-2748-49E9-9B2A-663C774E627F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_06:*:x86:*:*:*:*:*",
"matchCriteriaId": "41B216C6-4BE9-4D47-A86E-4AD50ECB8F07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_07:*:sparc:*:*:*:*:*",
"matchCriteriaId": "B7E3945D-1580-4C68-93E0-E4CF96620C6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_07:*:x86:*:*:*:*:*",
"matchCriteriaId": "32AE7035-EA81-4A9B-A4C3-B85844E24FA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_08:*:sparc:*:*:*:*:*",
"matchCriteriaId": "51469BA0-7B46-4E79-9E35-A388AD834B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_08:*:x86:*:*:*:*:*",
"matchCriteriaId": "948CAA3F-C5B0-434E-A4B1-16600729A17E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_09:*:sparc:*:*:*:*:*",
"matchCriteriaId": "49F52449-96AB-45BA-95F6-581F720D1819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_09:*:x86:*:*:*:*:*",
"matchCriteriaId": "168AD0C1-B437-4B5D-8AC4-BA4C6C60829B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7FC6243A-A896-4E52-B241-BDEA7486DAC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_10:*:x86:*:*:*:*:*",
"matchCriteriaId": "CDAD01B1-25E3-4ABD-BA48-03491D9C0D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_11:*:sparc:*:*:*:*:*",
"matchCriteriaId": "E88850F1-A647-44B3-806A-71FC157D4964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_11:*:x86:*:*:*:*:*",
"matchCriteriaId": "B38088AD-968D-44B9-ABCE-4E4D8675A88A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_12:*:sparc:*:*:*:*:*",
"matchCriteriaId": "9D15E371-4317-4882-BA09-F8CABB632C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_12:*:x86:*:*:*:*:*",
"matchCriteriaId": "7C385492-0B33-4757-9907-E69C7F709527",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_13:*:sparc:*:*:*:*:*",
"matchCriteriaId": "311FC329-D973-4F51-B110-7FF1ED40DFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_13:*:x86:*:*:*:*:*",
"matchCriteriaId": "01C7A393-6744-4913-A9CC-75F311D2C59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_14:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0288EC6B-C561-475C-9A3D-1ACF395B7326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_14:*:x86:*:*:*:*:*",
"matchCriteriaId": "F4961C98-1C39-4E6E-A0DB-C48E40F4FF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_15:*:sparc:*:*:*:*:*",
"matchCriteriaId": "D5CBEFF0-7B69-4831-AAC7-C02455D42900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_15:*:x86:*:*:*:*:*",
"matchCriteriaId": "4DCF6792-8671-4CC0-99D5-7224E2B751A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_16:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6D4F7E6E-330F-4E02-A2FE-F7288ADFFA0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_16:*:x86:*:*:*:*:*",
"matchCriteriaId": "FFB7E165-13D6-41D5-B1C3-F96669E54796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_17:*:sparc:*:*:*:*:*",
"matchCriteriaId": "B5D6CD58-C4AF-42AC-9377-EC1F1308FF29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_17:*:x86:*:*:*:*:*",
"matchCriteriaId": "D6011B94-9326-47A7-8292-BA0210401DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_18:*:sparc:*:*:*:*:*",
"matchCriteriaId": "AF924217-C227-4B90-9781-00561CE9C54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_18:*:x86:*:*:*:*:*",
"matchCriteriaId": "9C2C4B0B-9B7A-4861-8CA8-64FC84DF31BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_19:*:sparc:*:*:*:*:*",
"matchCriteriaId": "114D9D19-23BC-41AF-9B30-40AB2852E74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_19:*:x86:*:*:*:*:*",
"matchCriteriaId": "F36C1E99-8CCD-48B7-94A7-8753AD7D6FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_20:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F620054A-4D53-443B-8897-B2A5AB928CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_20:*:x86:*:*:*:*:*",
"matchCriteriaId": "2F57B586-3593-41F9-9D01-0E18F58EB81A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_21:*:sparc:*:*:*:*:*",
"matchCriteriaId": "FD1FDEB4-E659-41D0-B81E-FC1A1391288E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_21:*:x86:*:*:*:*:*",
"matchCriteriaId": "2E3B6A48-CA60-4ED9-BFF9-0FCDFABA865A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_22:*:sparc:*:*:*:*:*",
"matchCriteriaId": "218570AD-18C7-440E-A5BD-F16708ED4B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_22:*:x86:*:*:*:*:*",
"matchCriteriaId": "09162A43-7EF2-464D-AD60-7046456932B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_23:*:sparc:*:*:*:*:*",
"matchCriteriaId": "2336F214-18CC-42A5-9DD0-1F1C09959CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_23:*:x86:*:*:*:*:*",
"matchCriteriaId": "3A4ECA0D-AB73-4790-945B-98CF6E27B94F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_24:*:sparc:*:*:*:*:*",
"matchCriteriaId": "207D2103-58A9-4BF9-81EF-74B264DB1B4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_24:*:x86:*:*:*:*:*",
"matchCriteriaId": "530E1CDB-3B46-4762-875F-0B1075790204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_25:*:sparc:*:*:*:*:*",
"matchCriteriaId": "8A4F9110-059D-4F6E-9414-762BD6142CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_25:*:x86:*:*:*:*:*",
"matchCriteriaId": "55888CA5-938A-42D4-9898-93ED1AD88650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_26:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F1B245F6-DE46-4D52-98EE-32601FBCD254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_26:*:x86:*:*:*:*:*",
"matchCriteriaId": "5D99E1F3-0341-43A9-9692-2AC812811EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_27:*:sparc:*:*:*:*:*",
"matchCriteriaId": "28F4B989-7F55-467F-AD1A-AB965D31F504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_27:*:x86:*:*:*:*:*",
"matchCriteriaId": "27CA0C51-8331-459A-8256-9E363BE313BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_28:*:sparc:*:*:*:*:*",
"matchCriteriaId": "9B6404BC-090E-419B-B10C-D275D5C0BFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_28:*:x86:*:*:*:*:*",
"matchCriteriaId": "3FD00DE9-D8A8-4A03-B4B8-3F4368ADDDE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_29:*:sparc:*:*:*:*:*",
"matchCriteriaId": "4CF81FF0-D544-4C56-AD2E-51098DF2A1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_29:*:x86:*:*:*:*:*",
"matchCriteriaId": "4EFFA4CB-0984-4686-94BD-CE4D8AD70C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_30:*:sparc:*:*:*:*:*",
"matchCriteriaId": "65F861F1-E66D-479D-838D-19D94DF03736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_30:*:x86:*:*:*:*:*",
"matchCriteriaId": "BF0C5932-3B2B-44C8-8C0C-31A0CB66FF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_31:*:sparc:*:*:*:*:*",
"matchCriteriaId": "71FDF1A5-BD49-4E00-979E-3F953265E681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_31:*:x86:*:*:*:*:*",
"matchCriteriaId": "B40B4B4C-34F3-4591-8989-D7D138D54C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_32:*:sparc:*:*:*:*:*",
"matchCriteriaId": "815771B3-541B-41D5-925F-29CB74900668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_32:*:x86:*:*:*:*:*",
"matchCriteriaId": "14FD3B27-6379-4F5C-9172-2A0494667727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_33:*:sparc:*:*:*:*:*",
"matchCriteriaId": "1EEAE62A-8BFA-4EB4-B4E9-DF83F4A33CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_33:*:x86:*:*:*:*:*",
"matchCriteriaId": "114D8B9E-BDE9-49E6-9CD3-18B087522577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_34:*:sparc:*:*:*:*:*",
"matchCriteriaId": "72827B1E-3F3D-40A0-AEEB-0CFFB12BF6D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_34:*:x86:*:*:*:*:*",
"matchCriteriaId": "8275DABB-E792-4134-8418-496109936C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_35:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6F61F300-FEB0-42A7-87AE-E99AF2C26827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_35:*:x86:*:*:*:*:*",
"matchCriteriaId": "56768A4B-ABC8-4CF8-ABF1-059C8D4373CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_36:*:sparc:*:*:*:*:*",
"matchCriteriaId": "E64D67D0-E57D-46A9-BA7E-BB7FA05C0907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_36:*:x86:*:*:*:*:*",
"matchCriteriaId": "E249DDE1-EC3B-4A5C-A900-498526173570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_37:*:sparc:*:*:*:*:*",
"matchCriteriaId": "9500D5B2-DA1D-4082-83E4-92715D7F2D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_37:*:x86:*:*:*:*:*",
"matchCriteriaId": "2BE4A7FC-6112-4879-B083-19CC70DC6B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_38:*:sparc:*:*:*:*:*",
"matchCriteriaId": "DD44C2D3-A690-4A9B-B855-EC2FEE8F5169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_38:*:x86:*:*:*:*:*",
"matchCriteriaId": "DE882906-FF9D-492A-BDB7-237575D5E278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_39:*:sparc:*:*:*:*:*",
"matchCriteriaId": "C92D0B2A-BA10-4AEB-84B9-962DD1AA76EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_39:*:x86:*:*:*:*:*",
"matchCriteriaId": "977AA6F7-F821-4229-B413-276231366899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_40:*:sparc:*:*:*:*:*",
"matchCriteriaId": "BF7D0B02-7E5C-4760-96B2-902C680B897C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_40:*:x86:*:*:*:*:*",
"matchCriteriaId": "F7B6E01F-E4EA-497E-BFB3-975F0123B4E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_41:*:sparc:*:*:*:*:*",
"matchCriteriaId": "CF68EA11-632F-4710-8CC7-192AF1BD7BB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_41:*:x86:*:*:*:*:*",
"matchCriteriaId": "9E644312-D55A-427F-BE4C-9AD280CC73F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_42:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F9EC26BC-09D3-4F19-864F-7A1C4EC4756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_42:*:x86:*:*:*:*:*",
"matchCriteriaId": "E7B7C4DE-DD83-4F61-B214-F0F9BD76E188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_43:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5994A4EE-3808-4863-B771-36864E202679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_43:*:x86:*:*:*:*:*",
"matchCriteriaId": "EF568362-9967-4ACB-A880-163A2E14D99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_44:*:sparc:*:*:*:*:*",
"matchCriteriaId": "E977D01C-9C4B-411F-844E-7464147A12D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_44:*:x86:*:*:*:*:*",
"matchCriteriaId": "13B5EE88-E97B-47A1-8999-21C8C4D0C0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_45:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A37177FE-FB56-4BCB-88BA-B91963DA19EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_45:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD456A40-4017-4509-A4B0-44FBB3443645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_46:*:sparc:*:*:*:*:*",
"matchCriteriaId": "BE640F29-CD64-44DD-9561-E205C5C241C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_46:*:x86:*:*:*:*:*",
"matchCriteriaId": "F9456E55-1587-4BBF-A073-601D34E0CDB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_47:*:sparc:*:*:*:*:*",
"matchCriteriaId": "078D7F9B-E2A8-4DC2-AD2E-FB0865091ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_47:*:x86:*:*:*:*:*",
"matchCriteriaId": "CD289DC7-2779-47B6-B44C-6B3C6EC5F93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_48:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0FE35481-4580-4208-A6FA-7A0429D73793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_48:*:x86:*:*:*:*:*",
"matchCriteriaId": "8163CA38-BF92-4F02-85EA-E6EFD5A500F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_49:*:sparc:*:*:*:*:*",
"matchCriteriaId": "84652D52-B89B-4127-9670-5FCDBBDE8053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_49:*:x86:*:*:*:*:*",
"matchCriteriaId": "6043F9A0-5FA1-4101-8452-E7A8652FE79C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_50:*:sparc:*:*:*:*:*",
"matchCriteriaId": "CE51773E-C93C-4549-907A-5AF380F24B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_50:*:x86:*:*:*:*:*",
"matchCriteriaId": "3CDC9FF7-5FC1-4473-920F-37105009BF2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_51:*:sparc:*:*:*:*:*",
"matchCriteriaId": "D98D67BD-6C94-4E77-B6AC-3199C281A1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_51:*:x86:*:*:*:*:*",
"matchCriteriaId": "6789ECB3-925F-4E16-9213-12FE3EB191CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_52:*:sparc:*:*:*:*:*",
"matchCriteriaId": "914CF995-B18B-43D2-AA9D-B486E768AFD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_52:*:x86:*:*:*:*:*",
"matchCriteriaId": "9D309DD1-37A6-49BC-B8DB-6260D47DDD71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_53:*:sparc:*:*:*:*:*",
"matchCriteriaId": "922EE565-E3C2-44BA-9970-224FF874AE4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_53:*:x86:*:*:*:*:*",
"matchCriteriaId": "28CBB9C9-54DB-4259-9D9F-C617E23C4221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_54:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F8E26C9E-F87E-4484-89B9-42471F8410B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_54:*:x86:*:*:*:*:*",
"matchCriteriaId": "FC09D568-2B1E-46A2-9029-B3850E5A1167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_55:*:sparc:*:*:*:*:*",
"matchCriteriaId": "79E3D7EB-5B19-4D35-BE23-AB477E08FFEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_55:*:x86:*:*:*:*:*",
"matchCriteriaId": "96E164AF-3346-4FF3-875A-5EA239F50BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_56:*:sparc:*:*:*:*:*",
"matchCriteriaId": "B06BC6D2-385C-4BC4-9AAB-EEFF600DF2EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_56:*:x86:*:*:*:*:*",
"matchCriteriaId": "D3B05762-2B56-41A1-B424-54A5CFFEC47A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_57:*:sparc:*:*:*:*:*",
"matchCriteriaId": "15B2F895-CBFB-4E19-AF7E-7011EB0A372E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_57:*:x86:*:*:*:*:*",
"matchCriteriaId": "A6442F9F-E16E-4146-BA6D-92BBCB71EC63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_58:*:sparc:*:*:*:*:*",
"matchCriteriaId": "311F14F7-EE01-4525-8C58-8BF650246026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_58:*:x86:*:*:*:*:*",
"matchCriteriaId": "4D10B1B2-698B-4F02-9392-682AF78EC633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_59:*:sparc:*:*:*:*:*",
"matchCriteriaId": "BC339789-4DC4-4A82-A1BE-CE59AC0D657F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_59:*:x86:*:*:*:*:*",
"matchCriteriaId": "B69EECEC-86DB-4F35-9204-B0931ABC28DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_60:*:sparc:*:*:*:*:*",
"matchCriteriaId": "CF7C1C94-48A4-4F46-A337-92EB7B8C6837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_60:*:x86:*:*:*:*:*",
"matchCriteriaId": "8130EE2C-DC76-4BE3-B2DC-6FC540CD5277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_61:*:sparc:*:*:*:*:*",
"matchCriteriaId": "14C63D62-F6D4-4616-AF05-5E3387D63BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_61:*:x86:*:*:*:*:*",
"matchCriteriaId": "CFC0C58B-980F-4C65-97BF-67C9E731BA11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_62:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6624E8DE-696A-402C-9088-CFE8ECC086BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_62:*:x86:*:*:*:*:*",
"matchCriteriaId": "B0F7D5DE-0491-47F6-834A-0FA208213010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_63:*:sparc:*:*:*:*:*",
"matchCriteriaId": "04B5A32E-3D42-4500-A2BE-7ADFF3903386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_63:*:x86:*:*:*:*:*",
"matchCriteriaId": "8071BF6A-789C-4DB7-8247-B86EA34DB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_64:*:sparc:*:*:*:*:*",
"matchCriteriaId": "244EBFE7-05DD-4BBB-9793-310D71AC1721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_64:*:x86:*:*:*:*:*",
"matchCriteriaId": "EECE627D-3AE8-4207-87A8-F95746F693F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_65:*:sparc:*:*:*:*:*",
"matchCriteriaId": "325EF996-AB8D-48CE-9A59-D338C823D927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_65:*:x86:*:*:*:*:*",
"matchCriteriaId": "E6950900-2293-4DA0-89E8-DAFABBF423DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_66:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0EC8063A-1266-4443-B404-BB9C4D265B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_66:*:x86:*:*:*:*:*",
"matchCriteriaId": "AB4764E7-E772-45BC-896B-C7BE287A8EAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_67:*:sparc:*:*:*:*:*",
"matchCriteriaId": "424C989F-99C8-4337-AF15-4A51329938DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_67:*:x86:*:*:*:*:*",
"matchCriteriaId": "4122F0EE-3A2F-456F-B8CF-82565F8DCD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_68:*:sparc:*:*:*:*:*",
"matchCriteriaId": "DA7ED4ED-938F-44B7-85ED-AFA6728DFE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_68:*:x86:*:*:*:*:*",
"matchCriteriaId": "5686A925-4978-4883-8DC1-978B09DC9489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_69:*:sparc:*:*:*:*:*",
"matchCriteriaId": "43F1BFC7-BA9F-44EE-BD08-F70DFB2CFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_69:*:x86:*:*:*:*:*",
"matchCriteriaId": "13B81B14-84C8-468A-AE11-30C4CB85E6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_70:*:sparc:*:*:*:*:*",
"matchCriteriaId": "059880C5-B7FF-492D-97CA-FBC174FF8BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_70:*:x86:*:*:*:*:*",
"matchCriteriaId": "6395A3A9-97F2-4C88-B6D6-70DB2ACDC70D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_71:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5AC08000-2E71-465A-85F0-1AB8D1A51762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_71:*:x86:*:*:*:*:*",
"matchCriteriaId": "8CC54F69-E96A-482F-B43D-2E3A7EC90E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_72:*:sparc:*:*:*:*:*",
"matchCriteriaId": "D5CCA31F-9BF3-4E6F-B72C-1A54AFB1D07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_72:*:x86:*:*:*:*:*",
"matchCriteriaId": "CDC656B7-529A-4963-955D-301A11CF5D09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_73:*:sparc:*:*:*:*:*",
"matchCriteriaId": "C5D58609-62CB-446F-995E-FD334B89F6BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_73:*:x86:*:*:*:*:*",
"matchCriteriaId": "506769C9-D306-4EEC-BE2E-6E501CBE90BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_74:*:sparc:*:*:*:*:*",
"matchCriteriaId": "D45394E8-BE87-4BAC-89CE-B1F0E4BBBE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_74:*:x86:*:*:*:*:*",
"matchCriteriaId": "37540C8F-FCC1-42DA-8EE3-D3E4FA5B315C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_75:*:sparc:*:*:*:*:*",
"matchCriteriaId": "1B0F8F99-99B0-4A01-884B-442CEF8D061A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_75:*:x86:*:*:*:*:*",
"matchCriteriaId": "7AD5054B-18D8-44AE-AA4F-A07D12A63E55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_76:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0CCE3456-0BA0-4303-B7CE-22B63EE86F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_76:*:x86:*:*:*:*:*",
"matchCriteriaId": "4BAD68C2-4AA2-4346-B279-51206E0651FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_77:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A4027F7E-F867-4DC7-BA53-08D7B36E13F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_77:*:x86:*:*:*:*:*",
"matchCriteriaId": "96F3D4B3-7828-40EB-BD67-A3CD5B210787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_78:*:sparc:*:*:*:*:*",
"matchCriteriaId": "906228D3-2561-45C0-A79D-BAAC9F1AD7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_78:*:x86:*:*:*:*:*",
"matchCriteriaId": "C166F9F7-E8AB-4BA1-AEB6-1E7964976801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_79:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7BE4DE93-D189-4528-89DA-17E9325457E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_79:*:x86:*:*:*:*:*",
"matchCriteriaId": "12B6730F-6CF1-4990-953F-1CC76D78B618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_80:*:sparc:*:*:*:*:*",
"matchCriteriaId": "C4D46760-1924-4713-963E-E4A9AD085394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_80:*:x86:*:*:*:*:*",
"matchCriteriaId": "03B96DE7-70BD-4CD8-9574-8C024E51E91C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_81:*:sparc:*:*:*:*:*",
"matchCriteriaId": "B579204A-62EB-4D86-A22B-0726B9CB88DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_81:*:x86:*:*:*:*:*",
"matchCriteriaId": "52D5BB76-FF5E-4BBA-A2D0-00EB574B9104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_82:*:sparc:*:*:*:*:*",
"matchCriteriaId": "636FD13F-0A30-4B03-8AEC-ED225FC71251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_82:*:x86:*:*:*:*:*",
"matchCriteriaId": "C29B1192-D709-48FB-816C-B4F30460E957",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_83:*:sparc:*:*:*:*:*",
"matchCriteriaId": "B0593352-A568-4DDA-B1B8-77FA6DC93B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_83:*:x86:*:*:*:*:*",
"matchCriteriaId": "6DB1AC08-2564-4AAB-82AE-EB504FAA34FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_84:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5299CAB1-9819-4AE4-9429-8CA32F692C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_84:*:x86:*:*:*:*:*",
"matchCriteriaId": "46D8D5D1-8855-4116-99B3-EA1F78FDEF02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_85:*:sparc:*:*:*:*:*",
"matchCriteriaId": "ECD23A89-A86B-44D3-A3D1-EFF3D8551DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_85:*:x86:*:*:*:*:*",
"matchCriteriaId": "999FFE1D-D7D4-476B-8A46-9D0179DB570B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_86:*:sparc:*:*:*:*:*",
"matchCriteriaId": "75B778E3-EFCF-4AB0-B2C7-E585C190CD3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_86:*:x86:*:*:*:*:*",
"matchCriteriaId": "2B14945C-350A-4895-92C1-932208533F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_87:*:sparc:*:*:*:*:*",
"matchCriteriaId": "80CFB4CD-CE38-4F24-87EE-0CA622E4E9A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_87:*:x86:*:*:*:*:*",
"matchCriteriaId": "513D435B-D28B-4833-88E6-A1A8743177F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*",
"matchCriteriaId": "460EE9E9-27BA-4C8B-9F06-BBA648105720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_88:*:x86:*:*:*:*:*",
"matchCriteriaId": "4126C6C9-90AB-470E-AF83-4ED1FDD90511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_89:*:sparc:*:*:*:*:*",
"matchCriteriaId": "57CA01EF-2AFC-44FB-96EE-AF85B3019BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_89:*:x86:*:*:*:*:*",
"matchCriteriaId": "3275E47F-5A4B-4843-A07C-82DEE852672C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_90:*:sparc:*:*:*:*:*",
"matchCriteriaId": "CD673F9F-442E-4997-A0E3-D4B595D16B3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_90:*:x86:*:*:*:*:*",
"matchCriteriaId": "58017DDC-63B3-458C-9803-4683211A4C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_91:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0BEADEEA-4D63-4E69-BFEE-02205150F909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_91:*:x86:*:*:*:*:*",
"matchCriteriaId": "6692EE63-A76B-47C3-BC0D-7C15CA6FE013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_92:*:sparc:*:*:*:*:*",
"matchCriteriaId": "54DA5312-D935-444E-8154-514C5BD6E3F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_92:*:x86:*:*:*:*:*",
"matchCriteriaId": "BA1E27E5-FE20-42FA-9A61-A7174E705EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_93:*:sparc:*:*:*:*:*",
"matchCriteriaId": "EA41BAD9-BC09-4E5C-8759-AD4E4D2B3ACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_93:*:x86:*:*:*:*:*",
"matchCriteriaId": "65A32803-580D-4D07-B39B-2159258CBA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_94:*:sparc:*:*:*:*:*",
"matchCriteriaId": "FF6EFE12-51AD-4879-9529-B7EA425059C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_94:*:x86:*:*:*:*:*",
"matchCriteriaId": "13B51612-3BD6-449F-AD63-D01F8D05B269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_95:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7E32AD47-A96B-4A83-AEA2-98E6DD1FD5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_95:*:x86:*:*:*:*:*",
"matchCriteriaId": "4B2E7E54-2268-4C54-9363-C2D363D3A447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_96:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7A54DEC9-4F04-4E0A-B253-8822F114DCC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_96:*:x86:*:*:*:*:*",
"matchCriteriaId": "F6000B0F-0E72-4E68-A5EE-35BA6FB59C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_97:*:sparc:*:*:*:*:*",
"matchCriteriaId": "447E9E9E-5B19-4261-8B70-F63EAE61DB95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_97:*:x86:*:*:*:*:*",
"matchCriteriaId": "51AB0746-66E6-4FF5-9CB2-42E29A01C961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_98:*:sparc:*:*:*:*:*",
"matchCriteriaId": "2B4A015E-802F-4440-AF10-683B5E0586B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_98:*:x86:*:*:*:*:*",
"matchCriteriaId": "D1A9DCF7-F469-4D77-966F-3721F377D80B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_99:*:sparc:*:*:*:*:*",
"matchCriteriaId": "04D12F3A-4C47-4B49-B3DE-484C1EE466E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_99:*:x86:*:*:*:*:*",
"matchCriteriaId": "3D028821-CA38-48C4-9324-222526AC8413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_100:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5BE8232A-2464-449A-A7B6-D44447AA9080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_100:*:x86:*:*:*:*:*",
"matchCriteriaId": "1F2CB558-9390-4AAE-A66D-E3DA537E3115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_101:*:sparc:*:*:*:*:*",
"matchCriteriaId": "37D9D7A5-63F5-49F6-90EE-EBE5B3FA6DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_101:*:x86:*:*:*:*:*",
"matchCriteriaId": "5ED4FAD0-E91F-438D-A3CB-BACFB7F7E975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_102:*:sparc:*:*:*:*:*",
"matchCriteriaId": "6061C499-21A8-4EC4-B5AD-F6E876B15C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:opensolaris:snv_102:*:x86:*:*:*:*:*",
"matchCriteriaId": "411B33D1-F55D-42C0-9046-040ABC42E31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "32CF7469-6D2F-4E34-8013-7F0D3433D0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06:_nil_:lts:*:*:*:*:*",
"matchCriteriaId": "8CC514F1-FFCF-4ADD-8A2C-F22C693F9DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "33904E65-D50D-4EAE-885D-FE2EBF535F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A940B9-A553-4A0B-8ECF-52FD26894285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "06FD8602-7069-41C6-B65C-84928EDCE2D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n cons_options en el archivo options.c en dhcpd en OpenBSD versiones 4.0 hasta 4.2, y algunas otras implementaciones de dhcpd basadas en ISC dhcp-2, permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo del demonio) por medio de una petici\u00f3n DHCP que especifica un tama\u00f1o m\u00e1ximo de mensaje m\u00e1s peque\u00f1o que el IP MTU m\u00ednimo."
}
],
"id": "CVE-2007-5365",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-11T10:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27160"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27273"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27338"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27350"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32668"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021157"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25984"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32213"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018794"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/4601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/4601"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-4601
Vulnerability from fkie_nvd - Published: 2007-08-30 22:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ubuntu | ubuntu_linux | 7.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A940B9-A553-4A0B-8ECF-52FD26894285",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information."
},
{
"lang": "es",
"value": "Un error de regresi\u00f3n en tcp-wrappers versiones 7.6.dbs-10 y 7.6.dbs-11, podr\u00eda permitir a atacantes remotos omitir las restricciones de acceso previstas cuando un servicio usa la biblioteca libwrap pero no especifica la informaci\u00f3n de conexi\u00f3n del servidor."
}
],
"id": "CVE-2007-4601",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-30T22:17:00.000",
"references": [
{
"source": "security@ubuntu.com",
"url": "http://bugs.debian.org/405342"
},
{
"source": "security@ubuntu.com",
"url": "http://osvdb.org/40140"
},
{
"source": "security@ubuntu.com",
"url": "http://secunia.com/advisories/26567"
},
{
"source": "security@ubuntu.com",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-507-1"
},
{
"source": "security@ubuntu.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"source": "security@ubuntu.com",
"url": "https://launchpad.net/bugs/135332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/405342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/40140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-507-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://launchpad.net/bugs/135332"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vendorComments": [
{
"comment": "Not vulnerable. This issue was specific to a patch from Debian project and did not affect versions of tcp_wrappers packages as shipped with Red Hat Enterprise Linux.\n",
"lastModified": "2007-08-31T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-1352
Vulnerability from fkie_nvd - Published: 2007-04-06 01:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFADBA5A-8168-40B8-B5CA-0F1F7F9193D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*",
"matchCriteriaId": "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client_workstation:*:*:*:*:*",
"matchCriteriaId": "50988CF6-07E5-44BA-81C2-C33DD8E7151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia32:*:*:*:*:*",
"matchCriteriaId": "49F400D5-4CA7-4F7D-818B-DEBF58DEB113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "EF15862D-6108-4791-8817-622123C8D10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
"matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
"matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
"matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante una primera l\u00ednea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de mont\u00f3n."
}
],
"evaluatorSolution": "The vendor has addressed this vulnerability in the following product update: http://xorg.freedesktop.org/archive/X11R7.2/patches/",
"id": "CVE-2007-1352",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T01:19:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "secalert@redhat.com",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24756"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-1351
Vulnerability from fkie_nvd - Published: 2007-04-06 01:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "EF15862D-6108-4791-8817-622123C8D10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
"matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
"matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
"matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFADBA5A-8168-40B8-B5CA-0F1F7F9193D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "837EBF15-6C7D-46B8-8A90-9DFBF2C09FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E859A205-0DC2-4E28-8FF0-72D66DE9B280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F18E8C7B-53AC-4BC7-9E00-A70293172B58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rpath:rpath_linux:1:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD12BC0-1E50-49C6-AD0D-8CE90F0E8449",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*",
"matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop:*:*:*:*:*",
"matchCriteriaId": "FE524195-06F1-4504-9223-07596588CC70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:desktop_workstation:*:*:*:*:*",
"matchCriteriaId": "2FEED00F-3B70-4E57-AD80-7903AECED14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*",
"matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n bdfReadCharacters en (1) X.Org libXfont before 20070403 y (2) freetype 2.3.2 y permite a usuarios remotos validados ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de fuentes manipuladas BDF, las cueles dan como resultado un desbordamiento de pila."
}
],
"id": "CVE-2007-1351",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T01:19:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24756"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24768"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24776"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24885"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24889"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24921"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24996"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25096"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25495"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/28333"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/30161"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23402"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24921"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-5648
Vulnerability from fkie_nvd - Published: 2006-12-14 00:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ubuntu | ubuntu_linux | 6.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed."
},
{
"lang": "es",
"value": "Ubuntu Linux 6.10 para PowerPC (PPC) permite a usuarios locales provocar una denegaci\u00f3n de servicio (consumo de recursos) utilizando las funciones (1) sys_get_robust_list y (2) sys_set_robust_list para crear procesos que no pueden ser eliminados."
}
],
"id": "CVE-2006-5648",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2006-12-14T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23361"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23384"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23474"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21582"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2006-5649
Vulnerability from fkie_nvd - Published: 2006-12-14 00:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ubuntu | ubuntu_linux | 5.10 | |
| ubuntu | ubuntu_linux | 6.06_lts | |
| ubuntu | ubuntu_linux | 6.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE3B4BE-7B43-47C7-823A-C019DF12498F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:*:*:*:*:*:*",
"matchCriteriaId": "B8517E55-4357-4AFD-B571-5533123CB014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the \"alignment check exception handling\" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el \"manejador de excepciones del check de alineamiento\" en el Ubuntu 5.10, 6.06 LTS, y 6.10 para el PowerPC (PPC) permite a usuarios locales provocar una denegaci\u00f3n de servicio (kernel panic) mediante vectores sin especificar."
}
],
"id": "CVE-2006-5649",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2006-12-14T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23361"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23370"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23384"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23395"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23474"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21523"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"source": "cve@mitre.org",
"url": "http://www.us.debian.org/security/2006/dsa-1237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.us.debian.org/security/2006/dsa-1237"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, or 5. Red Hat Enterprise Linux 2.1 did not ship for PowerPC architecture.",
"lastModified": "2007-06-10T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2006-6235
Vulnerability from fkie_nvd - Published: 2006-12-07 11:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | privacy_guard | 1.2.4 | |
| gnu | privacy_guard | 1.2.5 | |
| gnu | privacy_guard | 1.2.6 | |
| gnu | privacy_guard | 1.2.7 | |
| gnu | privacy_guard | 1.3.3 | |
| gnu | privacy_guard | 1.3.4 | |
| gnu | privacy_guard | 1.4 | |
| gnu | privacy_guard | 1.4.1 | |
| gnu | privacy_guard | 1.4.2 | |
| gnu | privacy_guard | 1.4.2.1 | |
| gnu | privacy_guard | 1.4.2.2 | |
| gnu | privacy_guard | 1.4.3 | |
| gnu | privacy_guard | 1.4.4 | |
| gnu | privacy_guard | 1.4.5 | |
| gnu | privacy_guard | 1.9.10 | |
| gnu | privacy_guard | 1.9.15 | |
| gnu | privacy_guard | 1.9.20 | |
| gnu | privacy_guard | 2.0 | |
| gnu | privacy_guard | 2.0.1 | |
| gpg4win | gpg4win | 1.0.7 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | enterprise_linux_desktop | 4.0 | |
| redhat | fedora_core | core_5.0 | |
| redhat | fedora_core | core6 | |
| redhat | linux_advanced_workstation | 2.1 | |
| rpath | linux | 1 | |
| slackware | slackware_linux | 11.0 | |
| ubuntu | ubuntu_linux | 5.10 | |
| ubuntu | ubuntu_linux | 6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "76CAFD24-E53F-488C-BD9F-BE31D30828AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D3628A-3BDD-4C6F-AE7D-C81FC3EE1630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "74589745-A9A6-44DB-B4F0-B61B663ECA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2B99CB-5950-42E7-ACD5-38457CBE9095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D81AF47A-56BA-4D90-A4D4-D7A37333A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E55DBB73-EF6C-4C46-9E5A-7C35D7FD190C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "205C014A-236B-44CF-A92D-B4D6392FF9A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F412ECF0-DA84-47B8-98FD-06019C9E63E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE04D970-A467-4648-B99C-895BA8BEE79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C79DC753-35CB-46FA-BDE4-650BD1730505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F54DA969-ABAA-4021-9EC3-C30A45D1A7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B68B13-DC1F-46AB-B360-D04E48A0939F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE65D839-7798-4DE4-AA89-765E91FC6A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B256D201-D3E1-472F-8B4F-8D6D5D763003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1151E8-E9D3-4244-9765-B06D07848AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.15:*:*:*:*:*:*:*",
"matchCriteriaId": "345FBFB9-7FA3-4F7D-B605-A38054744F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.20:*:*:*:*:*:*:*",
"matchCriteriaId": "859126BF-7327-4C54-AE2E-4A961911C937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7461ED0D-1DC2-4019-BEC0-2E9AF2724371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FA38E-5BF1-4CDA-AB4F-19150FD3EE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gpg4win:gpg4win:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "047F3D25-1795-494A-93AC-9AF80AC72680",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*",
"matchCriteriaId": "E007512B-2A01-4915-82D1-EDDEE8ED3190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74022B69-6557-4746-9080-24E4DDA44026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE3B4BE-7B43-47C7-823A-C019DF12498F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9460AD-229A-4DC2-BFBA-818640A464AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory."
},
{
"lang": "es",
"value": "Una vulnerabilidad de \"escritura en pila\" en GnuPG (gpg) 1.x anterior a la 1.4.6, 2.x anterior a la 2.0.2 y 1.9.0 hasta la 1.9.95 permite a atacantes ejecutar c\u00f3digo de su elecci\u00f3n mediante paquetes OpenPGP artesanales que provocan que GnuPG haga referencia a un puntero a funci\u00f3n que est\u00e1 en memoria (en la pila) que ya ha sido liberada."
}
],
"id": "CVE-2006-6235",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-07T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23245"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23250"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23255"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23259"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23269"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23284"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23290"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23299"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23303"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23329"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23335"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23513"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24047"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017349"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-0834 (GCVE-0-2010-0834)
Vulnerability from cvelistv5 – Published: 2010-08-09 20:00 – Updated: 2024-09-16 22:24
VLAI?
Summary
The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42280",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42280"
},
{
"name": "40889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40889"
},
{
"name": "ADV-2010-2015",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2015"
},
{
"name": "USN-968-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-968-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-09T20:00:00Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "42280",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42280"
},
{
"name": "40889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40889"
},
{
"name": "ADV-2010-2015",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2015"
},
{
"name": "USN-968-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-968-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2010-0834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42280",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42280"
},
{
"name": "40889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40889"
},
{
"name": "ADV-2010-2015",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2015"
},
{
"name": "USN-968-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-968-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2010-0834",
"datePublished": "2010-08-09T20:00:00Z",
"dateReserved": "2010-03-03T00:00:00Z",
"dateUpdated": "2024-09-16T22:24:37.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3232 (GCVE-0-2009-3232)
Vulnerability from cvelistv5 – Published: 2009-09-17 10:00 – Updated: 2024-08-07 06:22
VLAI?
Summary
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:22:23.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/410171"
},
{
"name": "36620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36620"
},
{
"name": "[oss-security] 20090908 CVE request - Debian/Ubuntu PAM auth module selection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/08/7"
},
{
"name": "36306",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36306"
},
{
"name": "USN-828-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/828-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an \"empty selection\" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/410171"
},
{
"name": "36620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36620"
},
{
"name": "[oss-security] 20090908 CVE request - Debian/Ubuntu PAM auth module selection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/08/7"
},
{
"name": "36306",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36306"
},
{
"name": "USN-828-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/828-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an \"empty selection\" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927"
},
{
"name": "https://launchpad.net/bugs/410171",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/410171"
},
{
"name": "36620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36620"
},
{
"name": "[oss-security] 20090908 CVE request - Debian/Ubuntu PAM auth module selection",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/08/7"
},
{
"name": "36306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36306"
},
{
"name": "USN-828-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/828-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3232",
"datePublished": "2009-09-17T10:00:00",
"dateReserved": "2009-09-16T00:00:00",
"dateUpdated": "2024-08-07T06:22:23.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0578 (GCVE-0-2009-0578)
Vulnerability from cvelistv5 – Published: 2009-03-05 02:00 – Updated: 2024-08-07 04:40
VLAI?
Summary
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "oval:org.mitre.oval:def:8931",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "networkmanager-dbus-security-bypass(49063)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34067"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "1021909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021909"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "oval:org.mitre.oval:def:8931",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "networkmanager-dbus-security-bypass(49063)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34067"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "1021909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021909"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34473"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0578",
"datePublished": "2009-03-05T02:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T04:40:05.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0365 (GCVE-0-2009-0365)
Vulnerability from cvelistv5 – Published: 2009-03-05 02:00 – Updated: 2024-08-07 04:31
VLAI?
Summary
nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:26.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1021910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021910"
},
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "USN-727-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"name": "networkmanager-dbus-info-disclosure(49062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"name": "1021908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "1021911",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"name": "oval:org.mitre.oval:def:10828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34067"
},
{
"name": "RHSA-2009:0362",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "DSA-1955",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34177"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1021910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021910"
},
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "USN-727-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"name": "networkmanager-dbus-info-disclosure(49062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"name": "1021908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "1021911",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"name": "oval:org.mitre.oval:def:10828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34067"
},
{
"name": "RHSA-2009:0362",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "DSA-1955",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34177"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34473"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1021910",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021910"
},
{
"name": "USN-727-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "USN-727-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"name": "networkmanager-dbus-info-disclosure(49062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"name": "1021908",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021908"
},
{
"name": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207",
"refsource": "CONFIRM",
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"name": "33966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "1021911",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021911"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487722",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"name": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207",
"refsource": "CONFIRM",
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"name": "oval:org.mitre.oval:def:10828",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
},
{
"name": "34067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34067"
},
{
"name": "RHSA-2009:0362",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487752",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "DSA-1955",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34177",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34177"
},
{
"name": "34473",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34473"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0365",
"datePublished": "2009-03-05T02:00:00",
"dateReserved": "2009-01-29T00:00:00",
"dateUpdated": "2024-08-07T04:31:26.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5365 (GCVE-0-2007-5365)
Vulnerability from cvelistv5 – Published: 2007-10-11 10:00 – Updated: 2024-08-07 15:31
VLAI?
Summary
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:57.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27338"
},
{
"name": "27350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27350"
},
{
"name": "ADV-2008-3088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"name": "4601",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4601"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"name": "[4.2] 20071008 001: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"name": "25984",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25984"
},
{
"name": "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"name": "openbsd-dhcp-bo(37045)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"name": "RHSA-2007:0970",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"name": "DSA-1388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"name": "USN-531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"name": "oval:org.mitre.oval:def:5817",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"name": "USN-531-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"name": "27160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27160"
},
{
"name": "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD\u0026acirc;??s DHCP server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"name": "27273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27273"
},
{
"name": "[4.0] 20071008 016: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"name": "243806",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"name": "32668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32668"
},
{
"name": "[4.1] 20071008 010: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"name": "1018794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018794"
},
{
"name": "1021157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021157"
},
{
"name": "32213",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32213"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27338"
},
{
"name": "27350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27350"
},
{
"name": "ADV-2008-3088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"name": "4601",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4601"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"name": "[4.2] 20071008 001: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"name": "25984",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25984"
},
{
"name": "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"name": "openbsd-dhcp-bo(37045)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"name": "RHSA-2007:0970",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"name": "DSA-1388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"name": "USN-531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"name": "oval:org.mitre.oval:def:5817",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"name": "USN-531-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"name": "27160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27160"
},
{
"name": "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD\u0026acirc;??s DHCP server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"name": "27273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27273"
},
{
"name": "[4.0] 20071008 016: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"name": "243806",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"name": "32668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32668"
},
{
"name": "[4.1] 20071008 010: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"name": "1018794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018794"
},
{
"name": "1021157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021157"
},
{
"name": "32213",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32213"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27338"
},
{
"name": "27350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27350"
},
{
"name": "ADV-2008-3088",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"name": "4601",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4601"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"name": "[4.2] 20071008 001: SECURITY FIX: October 8, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"name": "25984",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25984"
},
{
"name": "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"name": "openbsd-dhcp-bo(37045)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"name": "RHSA-2007:0970",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"name": "DSA-1388",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"name": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962",
"refsource": "MISC",
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"name": "USN-531-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"name": "oval:org.mitre.oval:def:5817",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"name": "USN-531-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"name": "27160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27160"
},
{
"name": "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD\u0026acirc;??s DHCP server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"name": "27273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27273"
},
{
"name": "[4.0] 20071008 016: SECURITY FIX: October 8, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"name": "243806",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"name": "32668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32668"
},
{
"name": "[4.1] 20071008 010: SECURITY FIX: October 8, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"name": "1018794",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018794"
},
{
"name": "1021157",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021157"
},
{
"name": "32213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32213"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5365",
"datePublished": "2007-10-11T10:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:31:57.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4601 (GCVE-0-2007-4601)
Vulnerability from cvelistv5 – Published: 2007-08-30 22:00 – Updated: 2024-08-07 15:01
VLAI?
Summary
A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ubuntu-tcpwrapper-security-bypass(36364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"name": "26567",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26567"
},
{
"name": "40140",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40140"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/405342"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.net/bugs/135332"
},
{
"name": "USN-507-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-507-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "ubuntu-tcpwrapper-security-bypass(36364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"name": "26567",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26567"
},
{
"name": "40140",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40140"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/405342"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.net/bugs/135332"
},
{
"name": "USN-507-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-507-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2007-4601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ubuntu-tcpwrapper-security-bypass(36364)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"name": "26567",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26567"
},
{
"name": "40140",
"refsource": "OSVDB",
"url": "http://osvdb.org/40140"
},
{
"name": "http://bugs.debian.org/405342",
"refsource": "MISC",
"url": "http://bugs.debian.org/405342"
},
{
"name": "https://launchpad.net/bugs/135332",
"refsource": "MISC",
"url": "https://launchpad.net/bugs/135332"
},
{
"name": "USN-507-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-507-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2007-4601",
"datePublished": "2007-08-30T22:00:00",
"dateReserved": "2007-08-30T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1351 (GCVE-0-2007-1351)
Vulnerability from cvelistv5 – Published: 2007-04-06 01:00 – Updated: 2024-08-07 12:50
VLAI?
Summary
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2007:0150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "24921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24921"
},
{
"name": "oval:org.mitre.oval:def:1810",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "2007-0013",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "GLSA-200705-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"name": "24889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24889"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24756"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"name": "25495",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25495"
},
{
"name": "24996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24996"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "SSA:2007-109-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"name": "SUSE-SR:2007:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "MDKSA-2007:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"name": "DSA-1454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "ADV-2007-1264",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "24885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24885"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25096"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "24776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24776"
},
{
"name": "28333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28333"
},
{
"name": "24768",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24768"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "30161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30161"
},
{
"name": "GLSA-200805-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "xorg-bdf-font-bo(33417)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "23402",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23402"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "oval:org.mitre.oval:def:11266",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2007:0150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "24921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24921"
},
{
"name": "oval:org.mitre.oval:def:1810",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "2007-0013",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "GLSA-200705-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"name": "24889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24889"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24756"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"name": "25495",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25495"
},
{
"name": "24996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24996"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "SSA:2007-109-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"name": "SUSE-SR:2007:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "MDKSA-2007:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"name": "DSA-1454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "ADV-2007-1264",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "24885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24885"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25096"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "24776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24776"
},
{
"name": "28333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28333"
},
{
"name": "24768",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24768"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "30161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30161"
},
{
"name": "GLSA-200805-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "xorg-bdf-font-bo(33417)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "23402",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23402"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "oval:org.mitre.oval:def:11266",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-1351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2007:0150",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"name": "24745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24745"
},
{
"name": "24921",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24921"
},
{
"name": "oval:org.mitre.oval:def:1810",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
},
{
"name": "33937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33937"
},
{
"name": "2007-0013",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"name": "24771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24771"
},
{
"name": "GLSA-200705-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"name": "24889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24889"
},
{
"name": "24770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24756"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"name": "25495",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25495"
},
{
"name": "24996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24996"
},
{
"name": "23283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"name": "http://support.apple.com/kb/HT3438",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "SSA:2007-109-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"name": "SUSE-SR:2007:006",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "MDKSA-2007:081",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"name": "DSA-1454",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"name": "24758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24758"
},
{
"name": "ADV-2007-1264",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"name": "1017857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "24885",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24885"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25096",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25096"
},
{
"name": "25195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "24776",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24776"
},
{
"name": "28333",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28333"
},
{
"name": "24768",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24768"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "30161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30161"
},
{
"name": "GLSA-200805-07",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=498954",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"name": "DSA-1294",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25216"
},
{
"name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "xorg-bdf-font-bo(33417)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"name": "102886",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"name": "https://issues.rpath.com/browse/RPL-1213",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "23402",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23402"
},
{
"name": "25004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25305"
},
{
"name": "oval:org.mitre.oval:def:11266",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"name": "RHSA-2007:0132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24772"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-223",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1351",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-03-08T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1352 (GCVE-0-2007-1352)
Vulnerability from cvelistv5 – Published: 2007-04-06 01:00 – Updated: 2024-08-07 12:50
VLAI?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-1352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"name": "http://support.apple.com/kb/HT3438",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"name": "https://issues.rpath.com/browse/RPL-1213",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-223",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1352",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-03-08T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5648 (GCVE-0-2006-5648)
Vulnerability from cvelistv5 – Published: 2006-12-14 00:00 – Updated: 2025-04-03 15:31
VLAI?
Summary
Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.
Severity ?
5.5 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "21582",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21582"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2006-5648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T15:29:54.817209Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:31:11.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-28T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "21582",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21582"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2006:079",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23384"
},
{
"name": "21582",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21582"
},
{
"name": "23474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23474"
},
{
"name": "USN-395-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-395-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5648",
"datePublished": "2006-12-14T00:00:00.000Z",
"dateReserved": "2006-11-01T00:00:00.000Z",
"dateUpdated": "2025-04-03T15:31:11.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5649 (GCVE-0-2006-5649)
Vulnerability from cvelistv5 – Published: 2006-12-14 00:00 – Updated: 2025-04-03 15:29
VLAI?
Summary
Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.
Severity ?
5.5 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "DSA-1237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.us.debian.org/security/2006/dsa-1237"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "DSA-1233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"name": "23370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23370"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "21523",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21523"
},
{
"name": "23395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23395"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2006-5649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T15:27:45.836399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:29:02.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the \"alignment check exception handling\" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-22T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "DSA-1237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.us.debian.org/security/2006/dsa-1237"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "DSA-1233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"name": "23370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23370"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "21523",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21523"
},
{
"name": "23395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23395"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the \"alignment check exception handling\" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2006:079",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23384"
},
{
"name": "DSA-1237",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2006/dsa-1237"
},
{
"name": "23474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23474"
},
{
"name": "DSA-1233",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"name": "23370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23370"
},
{
"name": "USN-395-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "21523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21523"
},
{
"name": "23395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23395"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5649",
"datePublished": "2006-12-14T00:00:00.000Z",
"dateReserved": "2006-11-01T00:00:00.000Z",
"dateUpdated": "2025-04-03T15:29:02.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0834 (GCVE-0-2010-0834)
Vulnerability from nvd – Published: 2010-08-09 20:00 – Updated: 2024-09-16 22:24
VLAI?
Summary
The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42280",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42280"
},
{
"name": "40889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40889"
},
{
"name": "ADV-2010-2015",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2015"
},
{
"name": "USN-968-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-968-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-09T20:00:00Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "42280",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42280"
},
{
"name": "40889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40889"
},
{
"name": "ADV-2010-2015",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2015"
},
{
"name": "USN-968-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-968-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2010-0834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubuntu 10.04 LTS, as shipped on Dell Latitude 2110 netbooks, does not require authentication for package installation, which allows remote archive servers and man-in-the-middle attackers to execute arbitrary code via a crafted package."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42280",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42280"
},
{
"name": "40889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40889"
},
{
"name": "ADV-2010-2015",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2015"
},
{
"name": "USN-968-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-968-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2010-0834",
"datePublished": "2010-08-09T20:00:00Z",
"dateReserved": "2010-03-03T00:00:00Z",
"dateUpdated": "2024-09-16T22:24:37.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3232 (GCVE-0-2009-3232)
Vulnerability from nvd – Published: 2009-09-17 10:00 – Updated: 2024-08-07 06:22
VLAI?
Summary
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:22:23.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/410171"
},
{
"name": "36620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36620"
},
{
"name": "[oss-security] 20090908 CVE request - Debian/Ubuntu PAM auth module selection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/08/7"
},
{
"name": "36306",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36306"
},
{
"name": "USN-828-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/828-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an \"empty selection\" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/410171"
},
{
"name": "36620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36620"
},
{
"name": "[oss-security] 20090908 CVE request - Debian/Ubuntu PAM auth module selection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/09/08/7"
},
{
"name": "36306",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36306"
},
{
"name": "USN-828-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/828-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an \"empty selection\" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927"
},
{
"name": "https://launchpad.net/bugs/410171",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/410171"
},
{
"name": "36620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36620"
},
{
"name": "[oss-security] 20090908 CVE request - Debian/Ubuntu PAM auth module selection",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/09/08/7"
},
{
"name": "36306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36306"
},
{
"name": "USN-828-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/828-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3232",
"datePublished": "2009-09-17T10:00:00",
"dateReserved": "2009-09-16T00:00:00",
"dateUpdated": "2024-08-07T06:22:23.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0578 (GCVE-0-2009-0578)
Vulnerability from nvd – Published: 2009-03-05 02:00 – Updated: 2024-08-07 04:40
VLAI?
Summary
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "oval:org.mitre.oval:def:8931",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "networkmanager-dbus-security-bypass(49063)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34067"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "1021909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021909"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "oval:org.mitre.oval:def:8931",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8931"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "networkmanager-dbus-security-bypass(49063)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49063"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34067"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "1021909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021909"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34473"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0578",
"datePublished": "2009-03-05T02:00:00",
"dateReserved": "2009-02-13T00:00:00",
"dateUpdated": "2024-08-07T04:40:05.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0365 (GCVE-0-2009-0365)
Vulnerability from nvd – Published: 2009-03-05 02:00 – Updated: 2024-08-07 04:31
VLAI?
Summary
nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:26.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1021910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021910"
},
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "USN-727-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"name": "networkmanager-dbus-info-disclosure(49062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"name": "1021908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "1021911",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"name": "oval:org.mitre.oval:def:10828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34067"
},
{
"name": "RHSA-2009:0362",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "DSA-1955",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34177"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1021910",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021910"
},
{
"name": "USN-727-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "USN-727-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"name": "networkmanager-dbus-info-disclosure(49062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"name": "1021908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"name": "33966",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "1021911",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"name": "oval:org.mitre.oval:def:10828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
},
{
"name": "34067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34067"
},
{
"name": "RHSA-2009:0362",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "DSA-1955",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34177"
},
{
"name": "34473",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34473"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1021910",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021910"
},
{
"name": "USN-727-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-727-1"
},
{
"name": "USN-727-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-727-2"
},
{
"name": "networkmanager-dbus-info-disclosure(49062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49062"
},
{
"name": "1021908",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021908"
},
{
"name": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207",
"refsource": "CONFIRM",
"url": "http://svn.gnome.org/viewvc/network-manager-applet?view=revision\u0026revision=1207"
},
{
"name": "33966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33966"
},
{
"name": "1021911",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021911"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487722",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487722"
},
{
"name": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207",
"refsource": "CONFIRM",
"url": "http://svn.gnome.org/viewvc/network-manager-applet/trunk/nm-applet.conf?r1=1133\u0026r2=1207\u0026pathrev=1207"
},
{
"name": "oval:org.mitre.oval:def:10828",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10828"
},
{
"name": "34067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34067"
},
{
"name": "RHSA-2009:0362",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0362.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487752",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487752"
},
{
"name": "DSA-1955",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1955"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "SUSE-SA:2009:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00003.html"
},
{
"name": "RHSA-2009:0361",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0361.html"
},
{
"name": "34177",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34177"
},
{
"name": "34473",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34473"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0365",
"datePublished": "2009-03-05T02:00:00",
"dateReserved": "2009-01-29T00:00:00",
"dateUpdated": "2024-08-07T04:31:26.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5365 (GCVE-0-2007-5365)
Vulnerability from nvd – Published: 2007-10-11 10:00 – Updated: 2024-08-07 15:31
VLAI?
Summary
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:57.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27338"
},
{
"name": "27350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27350"
},
{
"name": "ADV-2008-3088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"name": "4601",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4601"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"name": "[4.2] 20071008 001: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"name": "25984",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25984"
},
{
"name": "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"name": "openbsd-dhcp-bo(37045)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"name": "RHSA-2007:0970",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"name": "DSA-1388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"name": "USN-531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"name": "oval:org.mitre.oval:def:5817",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"name": "USN-531-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"name": "27160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27160"
},
{
"name": "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD\u0026acirc;??s DHCP server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"name": "27273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27273"
},
{
"name": "[4.0] 20071008 016: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"name": "243806",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"name": "32668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32668"
},
{
"name": "[4.1] 20071008 010: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"name": "1018794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018794"
},
{
"name": "1021157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021157"
},
{
"name": "32213",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32213"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27338"
},
{
"name": "27350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27350"
},
{
"name": "ADV-2008-3088",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"name": "4601",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4601"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"name": "[4.2] 20071008 001: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"name": "25984",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25984"
},
{
"name": "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"name": "openbsd-dhcp-bo(37045)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"name": "RHSA-2007:0970",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"name": "DSA-1388",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"name": "USN-531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"name": "oval:org.mitre.oval:def:5817",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"name": "USN-531-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"name": "27160",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27160"
},
{
"name": "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD\u0026acirc;??s DHCP server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"name": "27273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27273"
},
{
"name": "[4.0] 20071008 016: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"name": "243806",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"name": "32668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32668"
},
{
"name": "[4.1] 20071008 010: SECURITY FIX: October 8, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"name": "1018794",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018794"
},
{
"name": "1021157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021157"
},
{
"name": "32213",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32213"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27338"
},
{
"name": "27350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27350"
},
{
"name": "ADV-2008-3088",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3088"
},
{
"name": "4601",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4601"
},
{
"name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c",
"refsource": "CONFIRM",
"url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354"
},
{
"name": "[4.2] 20071008 001: SECURITY FIX: October 8, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata42.html#001_dhcpd"
},
{
"name": "25984",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25984"
},
{
"name": "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded"
},
{
"name": "openbsd-dhcp-bo(37045)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045"
},
{
"name": "RHSA-2007:0970",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html"
},
{
"name": "DSA-1388",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1388"
},
{
"name": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962",
"refsource": "MISC",
"url": "http://www.coresecurity.com/index.php5?module=ContentMod\u0026action=item\u0026id=1962"
},
{
"name": "USN-531-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-531-1"
},
{
"name": "oval:org.mitre.oval:def:5817",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817"
},
{
"name": "USN-531-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-531-2"
},
{
"name": "27160",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27160"
},
{
"name": "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSD\u0026acirc;??s DHCP server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded"
},
{
"name": "27273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27273"
},
{
"name": "[4.0] 20071008 016: SECURITY FIX: October 8, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#016_dhcpd"
},
{
"name": "243806",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1"
},
{
"name": "32668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32668"
},
{
"name": "[4.1] 20071008 010: SECURITY FIX: October 8, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata41.html#010_dhcpd"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1"
},
{
"name": "1018794",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018794"
},
{
"name": "1021157",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021157"
},
{
"name": "32213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32213"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5365",
"datePublished": "2007-10-11T10:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:31:57.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4601 (GCVE-0-2007-4601)
Vulnerability from nvd – Published: 2007-08-30 22:00 – Updated: 2024-08-07 15:01
VLAI?
Summary
A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ubuntu-tcpwrapper-security-bypass(36364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"name": "26567",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26567"
},
{
"name": "40140",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40140"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bugs.debian.org/405342"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.net/bugs/135332"
},
{
"name": "USN-507-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-507-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "ubuntu-tcpwrapper-security-bypass(36364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"name": "26567",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26567"
},
{
"name": "40140",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40140"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bugs.debian.org/405342"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.net/bugs/135332"
},
{
"name": "USN-507-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-507-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2007-4601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A regression error in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 might allow remote attackers to bypass intended access restrictions when a service uses libwrap but does not specify server connection information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ubuntu-tcpwrapper-security-bypass(36364)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36364"
},
{
"name": "26567",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26567"
},
{
"name": "40140",
"refsource": "OSVDB",
"url": "http://osvdb.org/40140"
},
{
"name": "http://bugs.debian.org/405342",
"refsource": "MISC",
"url": "http://bugs.debian.org/405342"
},
{
"name": "https://launchpad.net/bugs/135332",
"refsource": "MISC",
"url": "https://launchpad.net/bugs/135332"
},
{
"name": "USN-507-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-507-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2007-4601",
"datePublished": "2007-08-30T22:00:00",
"dateReserved": "2007-08-30T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1351 (GCVE-0-2007-1351)
Vulnerability from nvd – Published: 2007-04-06 01:00 – Updated: 2024-08-07 12:50
VLAI?
Summary
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2007:0150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "24921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24921"
},
{
"name": "oval:org.mitre.oval:def:1810",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "2007-0013",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "GLSA-200705-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"name": "24889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24889"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24756"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"name": "25495",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25495"
},
{
"name": "24996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24996"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "SSA:2007-109-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"name": "SUSE-SR:2007:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "MDKSA-2007:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"name": "DSA-1454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "ADV-2007-1264",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "24885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24885"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25096"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "24776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24776"
},
{
"name": "28333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28333"
},
{
"name": "24768",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24768"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "30161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30161"
},
{
"name": "GLSA-200805-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "xorg-bdf-font-bo(33417)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "23402",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23402"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "oval:org.mitre.oval:def:11266",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2007:0150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "24921",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24921"
},
{
"name": "oval:org.mitre.oval:def:1810",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "2007-0013",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "GLSA-200705-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"name": "24889",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24889"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24756"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"name": "25495",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25495"
},
{
"name": "24996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24996"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "SSA:2007-109-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"name": "SUSE-SR:2007:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "MDKSA-2007:081",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"name": "DSA-1454",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "ADV-2007-1264",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "24885",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24885"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25096"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "24776",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24776"
},
{
"name": "28333",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28333"
},
{
"name": "24768",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24768"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "30161",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30161"
},
{
"name": "GLSA-200805-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "xorg-bdf-font-bo(33417)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "23402",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23402"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "oval:org.mitre.oval:def:11266",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-1351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2007:0150",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0150.html"
},
{
"name": "24745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24745"
},
{
"name": "24921",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24921"
},
{
"name": "oval:org.mitre.oval:def:1810",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1810"
},
{
"name": "33937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33937"
},
{
"name": "2007-0013",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0013/"
},
{
"name": "24771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24771"
},
{
"name": "GLSA-200705-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-02.xml"
},
{
"name": "24889",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24889"
},
{
"name": "24770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24756"
},
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=498954"
},
{
"name": "25495",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25495"
},
{
"name": "24996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24996"
},
{
"name": "23283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"name": "http://support.apple.com/kb/HT3438",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "SSA:2007-109-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.626733"
},
{
"name": "SUSE-SR:2007:006",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
},
{
"name": "MDKSA-2007:081",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:081"
},
{
"name": "DSA-1454",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1454"
},
{
"name": "24758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24758"
},
{
"name": "ADV-2007-1264",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1264"
},
{
"name": "1017857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "24885",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24885"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25096",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25096"
},
{
"name": "25195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "24776",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24776"
},
{
"name": "28333",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28333"
},
{
"name": "24768",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24768"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "30161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30161"
},
{
"name": "GLSA-200805-07",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=498954",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=498954"
},
{
"name": "DSA-1294",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25216"
},
{
"name": "20070403 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=501"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "xorg-bdf-font-bo(33417)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33417"
},
{
"name": "102886",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"name": "https://issues.rpath.com/browse/RPL-1213",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "23402",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23402"
},
{
"name": "25004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25305"
},
{
"name": "oval:org.mitre.oval:def:11266",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11266"
},
{
"name": "RHSA-2007:0132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24772"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-193.htm"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-223",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1351",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-03-08T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1352 (GCVE-0-2007-1352)
Vulnerability from nvd – Published: 2007-04-06 01:00 – Updated: 2024-08-07 12:50
VLAI?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-1352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"name": "http://support.apple.com/kb/HT3438",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"name": "https://issues.rpath.com/browse/RPL-1213",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-223",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1352",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-03-08T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5648 (GCVE-0-2006-5648)
Vulnerability from nvd – Published: 2006-12-14 00:00 – Updated: 2025-04-03 15:31
VLAI?
Summary
Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.
Severity ?
5.5 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "21582",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21582"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2006-5648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T15:29:54.817209Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:31:11.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-28T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "21582",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21582"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2006:079",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23384"
},
{
"name": "21582",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21582"
},
{
"name": "23474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23474"
},
{
"name": "USN-395-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-395-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5648",
"datePublished": "2006-12-14T00:00:00.000Z",
"dateReserved": "2006-11-01T00:00:00.000Z",
"dateUpdated": "2025-04-03T15:31:11.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5649 (GCVE-0-2006-5649)
Vulnerability from nvd – Published: 2006-12-14 00:00 – Updated: 2025-04-03 15:29
VLAI?
Summary
Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.
Severity ?
5.5 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "DSA-1237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.us.debian.org/security/2006/dsa-1237"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "DSA-1233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"name": "23370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23370"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "21523",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21523"
},
{
"name": "23395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23395"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2006-5649",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T15:27:45.836399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T15:29:02.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the \"alignment check exception handling\" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-22T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SA:2006:079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23384"
},
{
"name": "DSA-1237",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.us.debian.org/security/2006/dsa-1237"
},
{
"name": "23474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23474"
},
{
"name": "DSA-1233",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"name": "23370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23370"
},
{
"name": "USN-395-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "21523",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21523"
},
{
"name": "23395",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23395"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the \"alignment check exception handling\" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2006:079",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name": "23361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23361"
},
{
"name": "23384",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23384"
},
{
"name": "DSA-1237",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2006/dsa-1237"
},
{
"name": "23474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23474"
},
{
"name": "DSA-1233",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2006/dsa-1233"
},
{
"name": "23370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23370"
},
{
"name": "USN-395-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-395-1"
},
{
"name": "21523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21523"
},
{
"name": "23395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23395"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5649",
"datePublished": "2006-12-14T00:00:00.000Z",
"dateReserved": "2006-11-01T00:00:00.000Z",
"dateUpdated": "2025-04-03T15:29:02.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}