Mandrakesoft Mandrake Linux 2007.1 X86 64 Edition

CPE Details

Mandrakesoft Mandrake Linux 2007.1 X86 64 Edition
mandrakesoft
mandrake_linux
2007.1
2023-12-29
17h02 +00:00
2023-12-29
17h02 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*

Informations

Vendor

mandrakesoft

Product

mandrake_linux

Version

2007.1

edition

x86_64

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2008-0595 2008-02-29 18h00 +00:00 dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.
4.6
CVE-2008-0411 2008-02-28 20h00 +00:00 Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
6.8
CVE-2008-0386 2008-02-04 21h00 +00:00 Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
6.8
CVE-2008-0008 2008-01-28 22h00 +00:00 The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion.
7.2
CVE-2007-6284 2008-01-12 01h00 +00:00 The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
5
CVE-2007-5116 2007-11-07 19h00 +00:00 Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
7.5
CVE-2007-4137 2007-09-18 17h00 +00:00 Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
7.5
CVE-2007-4938 2007-09-18 17h00 +00:00 Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
7.6
CVE-2007-2833 2007-06-21 18h00 +00:00 Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
7.8