Product:

Ubuntu_linux

(Ubuntu)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 64
Date Id Summary Products Score Patch Annotated
2005-12-31 CVE-2005-3625 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf N/A
2005-12-31 CVE-2005-3624 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. Linux, Debian_linux, Cups, Linux, Kdegraphics, Koffice, Kpdf, Kword, Libextractor, Mandrake_linux, Mandrake_linux_corporate_server, Poppler, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Openserver, Propack, Slackware_linux, Suse_linux, Tetex, Secure_linux, Turbolinux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_multimedia, Turbolinux_personal, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux, Xpdf N/A
2005-05-02 CVE-2005-0988 Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. Freebsd, Linux, Gzip, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Secure_linux, Turbolinux_appliance_server, Turbolinux_desktop, Turbolinux_home, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux N/A
2005-04-22 CVE-2005-0754 Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. Linux, Linux, Kde, Quanta, Fedora_core, Ubuntu_linux N/A
2005-03-27 CVE-2005-0750 The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. Linux, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Suse_linux, Ubuntu_linux N/A
2005-03-15 CVE-2005-0384 Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client. Enterprise_linux, Suse_linux, Secure_linux, Ubuntu_linux N/A
2005-04-27 CVE-2005-0206 The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. Ptex, Cstetex, Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Mandrake_linux_corporate_server, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Advanced_linux_environment, Propack, Suse_linux, Tetex, Ubuntu_linux, Xpdf N/A
2005-03-05 CVE-2005-0109 Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. Freebsd, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Openserver, Unixware, Solaris, Ubuntu_linux 5.6
2005-05-03 CVE-2005-0106 SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file. Ubuntu_linux N/A
2005-05-02 CVE-2005-0080 The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. Mailman, Ubuntu_linux N/A