Vulnerabilities (CVE)

Vendor filter: Conectiva

28 total CVE
CVE Vendors Products Updated CVSS
CVE-2005-1043 6 Apple, Conectiva, Peachtree and 3 more 7 Propack, Peachtree Linux, Php and 4 more 2018-10-30 5.0
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2005-3626 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3624 18 Turbolinux, Xpdf, Easy Software Products and 15 more 33 Linux, Fedora Core, Mandrake Linux Corporate Server and 30 more 2018-10-19 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to...
CVE-2001-0136 5 Conectiva, Debian, Mandrakesoft and 2 more 5 Debian Linux, Mandrake Linux, Proftpd and 2 more 2018-02-07 5.0
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
CVE-2000-1134 7 Conectiva, Redhat, Suse and 4 more 9 Hp-ux, Openlinux Eserver, Linux and 6 more 2017-10-19 7.2
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users...
CVE-2005-0750 5 Ubuntu, Suse, Conectiva and 2 more 8 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux and 5 more 2017-10-11 7.2
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
CVE-2004-1235 7 Linux, Ubuntu, Conectiva and 4 more 20 Mandrake Multi Network Firewall, Linux Kernel, Converged Communications Server and 17 more 2017-10-11 6.2
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
CVE-2004-1145 7 Ethereal Group, Conectiva, Redhat and 4 more 9 Propack, Linux Advanced Workstation, Debian Linux and 6 more 2017-10-11 5.0
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to...
CVE-2004-1142 7 Ethereal Group, Conectiva, Redhat and 4 more 9 Propack, Linux Advanced Workstation, Debian Linux and 6 more 2017-10-11 5.0
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
CVE-2004-1139 7 Ethereal Group, Conectiva, Redhat and 4 more 9 Propack, Linux Advanced Workstation, Debian Linux and 6 more 2017-10-11 5.0
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
CVE-2004-0930 5 Gentoo, Sgi, Conectiva and 2 more 8 Linux Advanced Workstation, Linux, Enterprise Linux Desktop and 5 more 2017-10-11 5.0
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
CVE-2004-0905 5 Suse, Netscape, Mozilla and 2 more 10 Mozilla, Navigator, Linux Advanced Workstation and 7 more 2017-10-11 4.6
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to...
CVE-2004-0884 2 Conectiva, Cyrus 2 Sasl, Linux 2017-10-11 7.2
The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to...
CVE-2004-0809 8 Turbolinux, Conectiva, Redhat and 5 more 12 Hp-ux, Linux, Turbolinux Home and 9 more 2017-10-11 5.0
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
CVE-2004-0807 5 Conectiva, Suse, Mandrakesoft and 2 more 5 Suse Linux, Mandrake Linux, Samba and 2 more 2017-10-11 5.0
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
CVE-2004-0495 6 Linux, Conectiva, Redhat and 3 more 18 Suse Email Server, Linux Kernel, Suse Office Server and 15 more 2017-10-11 7.2
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
CVE-2003-0540 2 Conectiva, Wietse Venema 2 Postfix, Linux 2017-10-11 5.0
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or...
CVE-2003-0468 2 Conectiva, Wietse Venema 2 Postfix, Linux 2017-10-11 5.0
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDoS attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which...
CVE-2001-1374 3 Conectiva, Don Libes, Redhat 3 Linux, Expect, Linux 2017-10-10 7.2
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
CVE-2001-0834 4 Suse, Conectiva, Debian and 1 more 4 Debian Linux, Suse Linux, Htdig and 1 more 2017-10-10 6.4
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file...