Red Hat Enterprise Linux Desktop 5 Client Edition

CPE Details

Red Hat Enterprise Linux Desktop 5 Client Edition
redhat
enterprise_linux_desktop
5
2023-12-29
17h02 +00:00
2023-12-29
17h02 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:redhat:enterprise_linux_desktop:5:-:client:*:*:*:*:*

Informations

Vendor

redhat

Product

enterprise_linux_desktop

Version

5

Update

-

edition

client

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2014-0181 2014-04-27 00h00 +00:00 The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the (1) stdout or (2) stderr of a setuid program.
2.1
CVE-2009-2904 2009-10-01 13h00 +00:00 A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
6.9
CVE-2008-3844 2008-08-27 18h00 +00:00 Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known.
9.3
CVE-2007-5495 2008-05-23 12h00 +00:00 sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file.
4.4
CVE-2007-5496 2008-05-23 12h00 +00:00 Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.
1.9
CVE-2008-1767 2008-05-23 12h00 +00:00 Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
7.5
CVE-2008-0411 2008-02-28 20h00 +00:00 Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
6.8