English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Conectiva Linux 9.0

CPE Details

Conectiva Linux 9.0
conectiva
linux
9.0
2007-09-19 18:35 +00:00
2007-09-19 18:35 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*

Informations

Vendor

conectiva

Product

linux

Version

9.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2012-5938 2013-03-20 13:00 +00:00 The installation process in IBM InfoSphere Information Server 8.1, 8.5, 8.7, and 9.1 on UNIX and Linux sets incorrect permissions and ownerships for unspecified files, which allows local users to bypass intended access restrictions via standard filesystem operations.
7.2
CVE-2009-3048 2009-09-02 15:00 +00:00 Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file."
4.3
CVE-2007-4137 2007-09-18 17:00 +00:00 Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
7.5
CVE-2004-1307 2005-05-04 02:00 +00:00 Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
7.5
CVE-2005-0754 2005-04-24 02:00 +00:00 Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
7.5
CVE-2005-1043 2005-04-12 02:00 +00:00 exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
5
CVE-2005-0699 2005-03-09 04:00 +00:00 Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.
7.5
CVE-2005-0373 2005-02-13 04:00 +00:00 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
7.5
CVE-2004-1139 2004-12-31 04:00 +00:00 Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
5
CVE-2004-1142 2004-12-31 04:00 +00:00 Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
5
CVE-2004-1145 2004-12-31 04:00 +00:00 Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
5
CVE-2004-1011 2004-12-01 04:00 +00:00 Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
10
CVE-2004-1012 2004-12-01 04:00 +00:00 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
10
CVE-2004-1013 2004-12-01 04:00 +00:00 The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.
10
CVE-2004-0884 2004-10-21 02:00 +00:00 The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs.
7.2
CVE-2004-0801 2004-09-24 02:00 +00:00 Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
7.5
CVE-2004-0802 2004-09-24 02:00 +00:00 Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
5.1
CVE-2004-0827 2004-09-24 02:00 +00:00 Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
7.5
CVE-2004-0902 2004-09-24 02:00 +00:00 Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
10
CVE-2004-0903 2004-09-24 02:00 +00:00 Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
10
CVE-2004-0904 2004-09-24 02:00 +00:00 Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
10
CVE-2004-0905 2004-09-24 02:00 +00:00 Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
4.6
CVE-2004-0817 2004-09-17 02:00 +00:00 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
7.5
CVE-2004-0807 2004-09-14 02:00 +00:00 Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
5
CVE-2004-0557 2004-08-02 02:00 +00:00 Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
10
CVE-2004-0495 2004-06-23 02:00 +00:00 Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
7.2
CVE-2004-0554 2004-06-15 02:00 +00:00 Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
2.1
CVE-2004-0535 2004-06-08 02:00 +00:00 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
2.1
CVE-2003-0780 2003-09-12 02:00 +00:00 Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
9
CVE-2001-0690 2002-03-09 04:00 +00:00 Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
7.5
CVE-2001-0136 2001-09-18 02:00 +00:00 Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
5
CVE-2001-0473 2001-09-18 02:00 +00:00 Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
7.5

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.