Product:

Fedora_core

(Redhat)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 79
Date Id Summary Products Score Patch Annotated
2005-06-10 CVE-2005-1267 The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. Linux, Tcpdump, Mandrake_linux, Fedora_core, Secure_linux N/A
2005-04-22 CVE-2005-0754 Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. Linux, Linux, Kde, Quanta, Fedora_core, Ubuntu_linux N/A
2005-03-27 CVE-2005-0750 The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. Linux, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Suse_linux, Ubuntu_linux N/A
2005-03-07 CVE-2005-0667 Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. Alt_linux, Linux, Enterprise_linux, Fedora_core, Linux_advanced_workstation, Sylpheed, Sylpheed\-Claws N/A
2005-03-02 CVE-2005-0605 scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. Alt_linux, Lesstif, Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Propack, Suse_linux, X11r6, X11r6 N/A
2004-10-07 CVE-2005-0373 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. Mac_os_x, Mac_os_x_server, Linux, Sasl, Openpkg, Fedora_core, Suse_cvsup, Suse_linux N/A
2005-04-27 CVE-2005-0206 The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. Ptex, Cstetex, Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Mandrake_linux_corporate_server, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Advanced_linux_environment, Propack, Suse_linux, Tetex, Ubuntu_linux, Xpdf N/A
2005-03-05 CVE-2005-0109 Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. Freebsd, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Openserver, Unixware, Solaris, Ubuntu_linux 5.6
2005-04-27 CVE-2005-0085 Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. Htdig, Mandrake_linux, Mandrake_linux_corporate_server, Fedora_core, Suse_linux N/A
2004-10-18 CVE-2004-1613 Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. Mozilla, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Propack N/A