Conectiva

Linux

63 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2005-3626

Exploit
  • EPSS 9.33%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10

CVE-2005-3625

Exploit
  • EPSS 11.29%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and ...

5

CVE-2005-3624

Exploit
  • EPSS 7.36%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int...

2.1

CVE-2005-0207

  • EPSS 0.08%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

7.5

CVE-2005-0754

  • EPSS 2.28%
  • Veröffentlicht 22.04.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.

5

CVE-2005-1043

  • EPSS 1.23%
  • Veröffentlicht 14.04.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

6.2

CVE-2004-1235

Exploit
  • EPSS 0.08%
  • Veröffentlicht 14.04.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

7.2

CVE-2005-0750

  • EPSS 0.17%
  • Veröffentlicht 27.03.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

2.1

CVE-2005-0736

Exploit
  • EPSS 0.05%
  • Veröffentlicht 09.03.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.

7.5

CVE-2005-0699

Exploit
  • EPSS 4.23%
  • Veröffentlicht 08.03.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length val...