- EPSS 2.3%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:16
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int...
- EPSS 3.86%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:16
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and ...
- EPSS 3.41%
- Veröffentlicht 31.12.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:17:17
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3631
- EPSS 0.39%
- Veröffentlicht 22.12.2005 11:03:00
- Zuletzt bearbeitet 16.06.2026 22:17:18
udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords.
CVE-2005-2100
- EPSS 0.39%
- Veröffentlicht 25.10.2005 17:06:00
- Zuletzt bearbeitet 16.06.2026 22:14:15
The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).
- EPSS 14.19%
- Veröffentlicht 25.10.2005 17:06:00
- Zuletzt bearbeitet 16.06.2026 22:16:00
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused f...
CVE-2005-0403
- EPSS 0.4%
- Veröffentlicht 01.09.2005 22:03:00
- Zuletzt bearbeitet 16.06.2026 22:11:02
init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access vi...
- EPSS 8.39%
- Veröffentlicht 05.08.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:12:45
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one...
CVE-2005-1760
- EPSS 1.97%
- Veröffentlicht 13.06.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:13:38
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
CVE-2005-0757
- EPSS 0.38%
- Veröffentlicht 18.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:11:42
The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with ...