Gentoo

Linux

135 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2004-0990

  • EPSS 34.84%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-...

5

CVE-2004-1027

  • EPSS 6.28%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.

9.3

CVE-2004-1029

  • EPSS 42.56%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load un...

2.1

CVE-2004-1030

  • EPSS 0.07%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.

7.2

CVE-2004-1031

  • EPSS 0.05%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry th...

2.1

CVE-2004-1032

  • EPSS 0.06%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not pro...

2.1

CVE-2004-1033

  • EPSS 0.07%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.

10

CVE-2004-1034

  • EPSS 5.93%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type head...

6.8

CVE-2004-1036

  • EPSS 3.18%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML.

10

CVE-2004-1037

Exploit
  • EPSS 85.83%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.