Product:

Mandrake_linux

(Mandrakesoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 135
Date Id Summary Products Score Patch Annotated
2005-01-10 CVE-2004-1158 Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. Konqueror, Mandrake_linux, Fedora_core N/A
2005-01-10 CVE-2004-1098 MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. Mandrake_linux, Mandrake_linux_corporate_server, Mimedefang, Suse_linux N/A
2005-03-01 CVE-2004-1051 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. Debian_linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Sudo, Secure_linux, Ubuntu_linux N/A
2005-01-10 CVE-2004-1014 statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. Debian_linux, Mandrake_linux, Mandrake_linux_corporate_server, Nfs\-Utils, Enterprise_linux, Enterprise_linux_desktop N/A
2005-03-01 CVE-2004-0983 The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. Linux, Mandrake_linux, Mandrake_linux_corporate_server, Ubuntu_linux, Ruby N/A
2005-02-09 CVE-2004-0975 The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. Linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Openssl N/A
2005-02-09 CVE-2004-0974 The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. Mandrake_linux, Mandrake_linux_corporate_server, Open_source_apple_file_share_protocol_suite, Fedora_core N/A
2005-01-27 CVE-2004-0886 Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. Mac_os_x, Mac_os_x_server, Kde, Libtiff, Mandrake_linux, Pdf_library, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Wxgtk2 N/A
2004-09-16 CVE-2004-0827 Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. Linux, Imlib, Imlib2, Imagemagick, Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Java_desktop_system, Suse_linux, Turbolinux, Ubuntu_linux N/A
2004-12-31 CVE-2004-0817 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. Linux, Imlib, Imlib2, Imagemagick, Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Java_desktop_system, Suse_linux, Turbolinux_desktop, Turbolinux_server, Turbolinux_workstation, Ubuntu_linux N/A