Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6341 | 1 Net Dns | 1 Net Dns | 2018-10-03 | 5.0 MEDIUM | N/A |
| Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response. | |||||
| CVE-2007-5925 | 1 Mysql | 1 Mysql | 2018-10-03 | 4.0 MEDIUM | N/A |
| The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error. | |||||
| CVE-2007-5208 | 1 Hp | 1 Linux Imaging And Printing Project | 2018-10-03 | 7.6 HIGH | N/A |
| hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail. | |||||
| CVE-2007-5335 | 1 Mozilla | 1 Firefox | 2018-10-03 | 4.3 MEDIUM | N/A |
| Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by using the addMicrosummaryGenerator sidebar method to access file: URIs. | |||||
| CVE-2007-4567 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 7.8 HIGH | N/A |
| The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet. | |||||
| CVE-2007-4658 | 1 Php | 1 Php | 2018-10-03 | 7.5 HIGH | N/A |
| The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability. | |||||
| CVE-2007-4660 | 1 Php | 1 Php | 2018-10-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation. | |||||
| CVE-2007-4661 | 1 Php | 1 Php | 2018-10-03 | 7.5 HIGH | N/A |
| The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872. | |||||
| CVE-2007-4662 | 1 Php | 1 Php | 2018-10-03 | 7.5 HIGH | N/A |
| Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. | |||||
| CVE-2007-4670 | 1 Php | 1 Php | 2018-10-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285. | |||||
| CVE-2007-3799 | 1 Php | 1 Php | 2018-10-03 | 4.3 MEDIUM | N/A |
| The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207. | |||||
| CVE-2007-4351 | 1 Cups | 1 Cups | 2018-10-03 | 10.0 HIGH | N/A |
| Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | |||||
| CVE-2007-1387 | 1 Mplayer | 1 Mplayer | 2018-10-03 | 6.8 MEDIUM | N/A |
| The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246. | |||||
| CVE-2006-5461 | 1 Avahi | 1 Avahi | 2018-10-03 | 2.1 LOW | N/A |
| Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi. | |||||
| CVE-2006-7236 | 3 Debian, Invisible-island, Ubuntu | 3 Debian Linux, Xterm, Linux | 2018-10-03 | 9.3 HIGH | N/A |
| The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences. | |||||
| CVE-2006-2802 | 1 Xine | 2 Gxine, Xine-lib | 2018-10-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6. | |||||
| CVE-2006-2906 | 1 Thomas Boutell | 1 Graphics Draw Library | 2018-10-03 | 5.4 MEDIUM | N/A |
| The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop. | |||||
| CVE-2006-3057 | 1 Gnome | 1 Dhcdbd | 2018-10-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption. | |||||
| CVE-2006-3458 | 1 Zope | 1 Zope | 2018-10-03 | 2.1 LOW | N/A |
| Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files. | |||||
| CVE-2006-2788 | 1 Mozilla | 1 Firefox | 2018-10-03 | 7.5 HIGH | N/A |
| Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code. | |||||
| CVE-2006-2480 | 1 Dia | 1 Dia | 2018-10-03 | 5.1 MEDIUM | N/A |
| Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file. | |||||
| CVE-2006-2489 | 1 Nagios | 1 Nagios | 2018-10-03 | 7.5 HIGH | N/A |
| Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (Content-Length) HTTP header. NOTE: this is a different vulnerability than CVE-2006-2162. | |||||
| CVE-2006-2644 | 1 Awstats | 1 Awstats | 2018-10-03 | 4.0 MEDIUM | N/A |
| AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive. | |||||
| CVE-2006-2656 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. | |||||
| CVE-2006-2659 | 1 Double Precision Incorporated | 1 Courier Mta | 2018-10-03 | 7.8 HIGH | N/A |
| libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding. | |||||
| CVE-2006-1931 | 1 Yukihiro Matsumoto | 1 Ruby | 2018-10-03 | 5.0 MEDIUM | N/A |
| The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data. | |||||
| CVE-2006-2024 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 4.0 MEDIUM | N/A |
| Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c. | |||||
| CVE-2006-2025 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 6.5 MEDIUM | N/A |
| Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image. | |||||
| CVE-2006-2026 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 6.5 MEDIUM | N/A |
| Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions." | |||||
| CVE-2006-2120 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 2.1 LOW | N/A |
| The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read. | |||||
| CVE-2006-2162 | 1 Nagios | 1 Nagios | 2018-10-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header. | |||||
| CVE-2006-2193 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 7.5 HIGH | N/A |
| Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call. | |||||
| CVE-2006-2197 | 1 Wvware | 1 Wv2 | 2018-10-03 | 6.5 MEDIUM | N/A |
| Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document. | |||||
| CVE-2006-2237 | 1 Awstats | 1 Awstats | 2018-10-03 | 5.1 MEDIUM | N/A |
| The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter. | |||||
| CVE-2006-2276 | 1 Quagga | 1 Quagga | 2018-10-03 | 4.9 MEDIUM | N/A |
| bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface. | |||||
| CVE-2006-2452 | 1 Gnome | 1 Gdm | 2018-10-03 | 3.7 LOW | N/A |
| GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges. | |||||
| CVE-2006-2453 | 1 Dia | 1 Dia | 2018-10-03 | 7.5 HIGH | N/A |
| Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480. | |||||
| CVE-2006-1525 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 4.9 MEDIUM | N/A |
| ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference. | |||||
| CVE-2006-1055 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 4.9 MEDIUM | N/A |
| The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read. | |||||
| CVE-2006-1057 | 1 Gnome | 1 Gdm | 2018-10-03 | 3.7 LOW | N/A |
| Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. | |||||
| CVE-2006-1066 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 1.2 LOW | N/A |
| Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call. | |||||
| CVE-2006-1183 | 1 Ubuntu | 1 Ubuntu Linux | 2018-10-03 | 7.2 HIGH | N/A |
| The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges. | |||||
| CVE-2006-1244 | 4 Debian, Gnome, Libextractor and 1 more | 4 Debian Linux, Gpdf, Libextractor and 1 more | 2018-10-03 | 7.6 HIGH | N/A |
| Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature. | |||||
| CVE-2006-1368 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 10.0 HIGH | N/A |
| Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure. | |||||
| CVE-2006-0457 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 7.1 HIGH | N/A |
| Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. | |||||
| CVE-2006-0458 | 1 Irssi | 1 Irssi | 2018-10-03 | 5.0 MEDIUM | N/A |
| The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command. | |||||
| CVE-2006-0459 | 1 Will Estes And John Millaway | 1 Flex | 2018-10-03 | 7.5 HIGH | N/A |
| flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. | |||||
| CVE-2006-0528 | 1 Gnome | 1 Evolution | 2018-10-03 | 5.0 MEDIUM | N/A |
| The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment. | |||||
| CVE-2006-0554 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 1.7 LOW | N/A |
| Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. | |||||
| CVE-2006-0555 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 2.1 LOW | N/A |
| The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O). | |||||