Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-07-03 | CVE-2014-0477 | The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address. | Email\:\:address, Fedora | N/A | ||
| 2014-07-29 | CVE-2014-0103 | WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files. | Fedora, Webapp, Zarafa | N/A | ||
| 2014-02-04 | CVE-2014-0019 | Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line. | Socat, Fedora, Opensuse | N/A | ||
| 2013-12-23 | CVE-2013-6890 | denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service (incorrect block of IP addresses) via crafted login names. | Debian_linux, Fedora, Denyhosts | N/A | ||
| 2014-03-14 | CVE-2013-6476 | The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file. | Ubuntu_linux, Debian_linux, Fedora, Cups\-Filters | N/A | ||
| 2014-03-14 | CVE-2013-6475 | Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow. | Ubuntu_linux, Debian_linux, Fedora, Cups\-Filters | N/A | ||
| 2014-03-14 | CVE-2013-6474 | Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file. | Ubuntu_linux, Debian_linux, Fedora, Cups\-Filters | N/A | ||
| 2013-12-11 | CVE-2013-5611 | Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation. | Ubuntu_linux, Fedora, Firefox, Opensuse, Opensuse, Solaris, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2013-07-29 | CVE-2013-4854 | The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. | Fedora, Freebsd, Hp\-Ux, Bind, Dnsco_bind, Business_server, Enterprise_server, Suse_linux, Opensuse, Enterprise_linux, Slackware_linux, Suse_linux_enterprise_software_development_kit | N/A | ||
| 2013-12-24 | CVE-2013-4550 | Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a different vulnerability than CVE-2011-5268. NOTE: some sources originally mapped this CVE to two different types of issues; this CVE has since been SPLIT, producing CVE-2011-5268. | Bip, Fedora | N/A |