Vulnerabilities (CVE)

Vendor filter: Conectiva

26 total CVE
CVE | Vendors | Products | Updated | CVSS
CVE-2003-0780 | 3 vendors: Mysql, Conectiva, Oracle | 3 products: Mysql, Linux, Mysql | 2019-10-07 | 9.0
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
CVE-2004-1307 | 10 vendors: Apple, Conectiva, Libtiff and 7 more | 19 products: Propack, Unixware, Linux and 16 more | 2018-10-30 | 7.5
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to...
CVE-2000-0844 | 13 vendors: Turbolinux, Conectiva, Slackware and 10 more | 16 products: Aix, Solaris, Openlinux Eserver and 13 more | 2018-10-30 | 10.0
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2004-0882 | 4 vendors: Ubuntu, Conectiva, Samba and 1 more | 7 products: Linux Advanced Workstation, Enterprise Linux Desktop, Enterprise Linux and 4 more | 2018-10-30 | 10.0
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
CVE-2005-3625 | 18 vendors: Turbolinux, Xpdf, Easy Software Products and 15 more | 33 products: Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more | 2018-10-19 | 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode...
CVE-2004-0902 | 4 vendors: Suse, Mozilla, Conectiva and 1 more | 9 products: Mozilla, Linux Advanced Workstation, Enterprise Linux Desktop and 6 more | 2018-05-03 | 10.0
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the...
CVE-2000-0666 | 5 vendors: Suse, Conectiva, Debian and 2 more | 5 products: Suse Linux, Debian Linux, Linux and 2 more | 2018-05-03 | 10.0
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
CVE-2005-0699 | 4 vendors: Altlinux, Ethereal Group, Conectiva and 1 more | 6 products: Linux Advanced Workstation, Enterprise Linux Desktop, Enterprise Linux and 3 more | 2017-10-11 | 7.5
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.
CVE-2004-1029 | 5 vendors: Gentoo, Hp, Conectiva and 2 more | 8 products: Enterprise Firewall, Hp-ux, Jdk and 5 more | 2017-10-11 | 9.3
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to...
CVE-2004-0904 | 4 vendors: Conectiva, Netscape, Mozilla and 1 more | 10 products: Mozilla, Navigator, Linux Advanced Workstation and 7 more | 2017-10-11 | 10.0
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
CVE-2004-0903 | 4 vendors: Suse, Mozilla, Conectiva and 1 more | 9 products: Mozilla, Linux Advanced Workstation, Enterprise Linux Desktop and 6 more | 2017-10-11 | 10.0
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard...
CVE-2004-0827 | 9 vendors: Turbolinux, Enlightenment, Imagemagick and 6 more | 14 products: Imlib2, Linux Advanced Workstation, Java Desktop System and 11 more | 2017-10-11 | 7.5
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or...
CVE-2004-0817 | 9 vendors: Turbolinux, Enlightenment, Imagemagick and 6 more | 16 products: Imlib2, Linux Advanced Workstation, Java Desktop System and 13 more | 2017-10-11 | 7.5
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
CVE-2004-0557 | 4 vendors: Gentoo, Conectiva, Sox and 1 more | 6 products: Sox, Linux, Enterprise Linux Desktop and 3 more | 2017-10-11 | 10.0
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
CVE-2001-0690 | 4 vendors: Conectiva, Debian, University Of Cambridge and 1 more | 4 products: Debian Linux, Linux, Exim and 1 more | 2017-10-10 | 7.5
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
CVE-2001-0473 | 5 vendors: Mutt, Immunix, Conectiva and 2 more | 5 products: Linux, Linux, Mandrake Linux and 2 more | 2017-10-10 | 7.5
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
CVE-2001-0440 | 3 vendors: Conectiva, Mandrakesoft, Licq | 3 products: Mandrake Linux, Licq, Linux | 2017-10-10 | 7.5
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
CVE-2001-0439 | 5 vendors: Redhat, Conectiva, Mandrakesoft and 2 more | 6 products: Mandrake Linux Corporate Server, Freebsd, Linux and 3 more | 2017-10-10 | 7.5
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
CVE-2000-0747 | 1 vendor: Conectiva | 1 product: Linux | 2017-10-10 | 10.0
The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.
CVE-2005-0373 | 6 vendors: Apple, Conectiva, Cyrus and 3 more | 8 products: Fedora Core, Sasl, Openpkg and 5 more | 2017-07-11 | 7.5
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.