Suse

Suse Linux

207 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 8.05%
  • Veröffentlicht 20.10.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:09

Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.

  • EPSS 7.25%
  • Veröffentlicht 20.10.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:10

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a ...

  • EPSS 1.89%
  • Veröffentlicht 20.10.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:16

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session...

  • EPSS 3.92%
  • Veröffentlicht 07.10.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:10:59

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

  • EPSS 5.51%
  • Veröffentlicht 16.09.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:28

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3)...

  • EPSS 10.08%
  • Veröffentlicht 16.09.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:31

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

Exploit
  • EPSS 3.05%
  • Veröffentlicht 14.09.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:38

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a fr...

  • EPSS 5.5%
  • Veröffentlicht 13.09.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:25

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

  • EPSS 45.33%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:40

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DI...

  • EPSS 16.77%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:40

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overfl...