MandrakeSoft Mandrake Linux 2007.0

CPE Details

MandrakeSoft Mandrake Linux 2007.0
2007
2007-08-23 19h16 +00:00
2008-04-07 12h17 +00:00

CPE Name: cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*

Information

Vendor: mandrakesoft
Product: mandrake_linux
Version: 2007

Related CVE


| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| CVE-2008-0595 | 2008-02-29 18h00 +00:00 | dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface. | 4.6 | |
| CVE-2008-0411 | 2008-02-28 20h00 +00:00 | Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator. | 6.8 | |
| CVE-2007-6284 | 2008-01-12 01h00 +00:00 | The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences. | 5 | |
| CVE-2007-5116 | 2007-11-07 19h00 +00:00 | Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. | 7.5 | |
| CVE-2007-4137 | 2007-09-18 17h00 +00:00 | Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. | 7.5 | |
| CVE-2007-4938 | 2007-09-18 17h00 +00:00 | Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. | 7.6 | |
| CVE-2007-2833 | 2007-06-21 18h00 +00:00 | Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation. | 7.8 | |
| CVE-2007-1351 | 2007-04-05 23h00 +00:00 | Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | 8.5 | |
| CVE-2007-1352 | 2007-04-05 23h00 +00:00 | Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | 3.8 | |
| CVE-2007-1543 | 2007-03-20 21h00 +00:00 | Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. | 10 | |
| CVE-2007-1544 | 2007-03-20 21h00 +00:00 | Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value. | 5 | |
| CVE-2007-1545 | 2007-03-20 21h00 +00:00 | The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID. | 5 | |
| CVE-2007-1546 | 2007-03-20 21h00 +00:00 | Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c. | 5 | |
| CVE-2007-1547 | 2007-03-20 21h00 +00:00 | The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference. | 7.8 | |
| CVE-2001-0496 | 2001-05-24 02h00 +00:00 | kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges. | 4.6 | |
| CVE-2000-0594 | 2000-10-13 02h00 +00:00 | BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters. | 5 | |