CVE-2007-3387
- EPSS 11.4%
- Published 30.07.2007 23:17:00
- Last modified 09.04.2025 00:30:58
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute...
CVE-2007-3798
- EPSS 72.12%
- Published 16.07.2007 22:30:00
- Last modified 09.04.2025 00:30:58
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
CVE-2007-2949
- EPSS 33.94%
- Published 04.07.2007 15:30:00
- Last modified 09.04.2025 00:30:58
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
CVE-2006-5752
- EPSS 11.55%
- Published 27.06.2007 17:30:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML vi...
- EPSS 39.32%
- Published 26.06.2007 22:30:00
- Last modified 09.04.2025 00:30:58
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cl...
CVE-2007-2443
- EPSS 25.36%
- Published 26.06.2007 22:30:00
- Last modified 09.04.2025 00:30:58
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
- EPSS 14.89%
- Published 26.06.2007 22:30:00
- Last modified 09.04.2025 00:30:58
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
CVE-2007-3409
- EPSS 12.39%
- Published 26.06.2007 18:30:00
- Last modified 09.04.2025 00:30:58
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
CVE-2007-3304
- EPSS 0.21%
- Published 20.06.2007 22:30:00
- Last modified 09.04.2025 00:30:58
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the m...
CVE-2007-2875
- EPSS 0.09%
- Published 11.06.2007 22:30:00
- Last modified 09.04.2025 00:30:58
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading th...