Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-06-02 | CVE-2008-1036 | The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | Mac_os_x, Mac_os_x_server, Enterprise_linux | N/A | ||
| 2007-12-20 | CVE-2007-6285 | The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device. | Enterprise_linux | N/A | ||
| 2008-05-07 | CVE-2007-6282 | The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2007-12-13 | CVE-2007-5964 | The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server. | Enterprise_linux | N/A | ||
| 2007-11-30 | CVE-2007-5494 | Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP. | Enterprise_linux | N/A | ||
| 2007-10-11 | CVE-2007-5365 | Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. | Debian_linux, Openbsd, Enterprise_linux, Linux_advanced_workstation, Opensolaris, Solaris, Ubuntu_linux | N/A | ||
| 2007-11-07 | CVE-2007-5116 | Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. | Perl, Mandrake_multi_network_firewall, Openpkg, Enterprise_linux | N/A | ||
| 2008-05-07 | CVE-2007-5001 | Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2007-10-23 | CVE-2007-4574 | Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors. | Enterprise_linux | N/A | ||
| 2008-02-04 | CVE-2007-4130 | The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation. | Enterprise_linux, Enterprise_linux_desktop | N/A |