Product:

Fedora_core

(Redhat)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 79
Date Id Summary Products Score Patch Annotated
2005-04-22 CVE-2005-0754 Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. Linux, Linux, Kde, Quanta, Fedora_core, Ubuntu_linux N/A
2005-03-27 CVE-2005-0750 The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. Linux, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Suse_linux, Ubuntu_linux N/A
2005-03-07 CVE-2005-0667 Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. Alt_linux, Linux, Enterprise_linux, Fedora_core, Linux_advanced_workstation, Sylpheed, Sylpheed\-Claws N/A
2005-03-02 CVE-2005-0605 scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. Alt_linux, Lesstif, Mandrake_linux, Mandrake_linux_corporate_server, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Propack, Suse_linux, X11r6, X11r6 N/A
2004-10-07 CVE-2005-0373 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. Mac_os_x, Mac_os_x_server, Linux, Sasl, Openpkg, Fedora_core, Suse_cvsup, Suse_linux N/A
2005-04-27 CVE-2005-0206 The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. Ptex, Cstetex, Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Mandrake_linux_corporate_server, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Advanced_linux_environment, Propack, Suse_linux, Tetex, Ubuntu_linux, Xpdf N/A
2005-03-05 CVE-2005-0109 Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. Freebsd, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Openserver, Unixware, Solaris, Ubuntu_linux 5.6
2005-04-27 CVE-2005-0085 Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. Htdig, Mandrake_linux, Mandrake_linux_corporate_server, Fedora_core, Suse_linux N/A
2004-10-18 CVE-2004-1613 Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. Mozilla, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Propack N/A
2005-01-10 CVE-2004-1270 lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. Cups, Fedora_core N/A