Mandrakesoft

Mandrake Linux Corporate Server

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.57%
  • Veröffentlicht 12.01.2008 02:46:00
  • Zuletzt bearbeitet 16.06.2026 22:47:44

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

  • EPSS 6.41%
  • Veröffentlicht 06.02.2007 02:28:00
  • Zuletzt bearbeitet 16.06.2026 22:35:36

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during...

Exploit
  • EPSS 3.41%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:17:17

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

Exploit
  • EPSS 3.86%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:17:16

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and ...

Exploit
  • EPSS 2.3%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:17:16

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int...

  • EPSS 2.51%
  • Veröffentlicht 26.07.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:14:46

nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote at...

  • EPSS 2.99%
  • Veröffentlicht 27.04.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:41

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

  • EPSS 2.27%
  • Veröffentlicht 27.04.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:28

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

  • EPSS 0.51%
  • Veröffentlicht 14.04.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:22

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

  • EPSS 0.51%
  • Veröffentlicht 14.04.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:20

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbit...