SUSE CVE-2005-0175

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack...

SUSE CVE-2005-0528

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0985. Reason: This candidate is a duplicate of CVE-2003-0985. Notes: All CVE users should reference CVE-2003-0985 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

SUSE CVE-2005-0760

The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service crash via a crafted TIFF file...

SUSE CVE-2005-1458

Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors...

SUSE CVE-2005-1847

Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...

SUSE CVE-2005-1934

Gaim before 1.3.1 allows remote attackers to cause a denial of service crash via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error...

SUSE CVE-2005-2096

zlib 1.2 and later versions allows remote attackers to cause a denial of service crash via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file...

SUSE CVE-2005-2102

The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service application crash via a filename that contains invalid UTF-8 characters...

SUSE CVE-2005-2978

pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap PNM images to Portable Network Graphics PNG, which might allow attackers to execute arbitrary code by modifying the stack...

SUSE CVE-2005-3007

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." dot, which might allow remote attackers to trick users into processing dangerous content...

SUSE CVE-2005-3239

The OLE2 unpacker in clamd in Clam AntiVirus ClamAV 0.87-1 allows remote attackers to cause a denial of service segmentation fault via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2walkpropertytree function...

SUSE CVE-2005-3247

The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service infinite loop via unknown vectors...

SUSE CVE-2006-0058

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations...

SUSE CVE-2006-1549

PHP 4.4.2 and 5.1.2 allows local users to cause a crash segmentation fault by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected...

SUSE CVE-2006-1681

Cross-site scripting XSS vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated...

SUSE CVE-2006-1940

Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service abort via the SNDCP dissector...

SUSE CVE-2006-3119

The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...

SUSE CVE-2006-4096

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service crash via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty...

SUSE CVE-2006-5466

Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ruRU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages...

SUSE CVE-2006-6628

Integer overflow in OpenOffice.org OOo 2.1 allows user-assisted remote attackers to cause a denial of service application crash via a crafted DOC file, as demonstrated by the 12122006-djtest.doc file, a variant of CVE-2006-6561 in a separate codebase...