11 matches found
CVE-2009-3547
CVE-2009-3547 refers to multiple race conditions in fs/pipe.c of the Linux kernel before 2.6.32-rc6. The flaws can allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by opening an anonymous pipe via a /proc/*/fd/ pathname. A fix is availa...
CVE-2009-2848
CVE-2009-2848 is confirmed in connected material as applicable to MiracleLinux kernel package 2.6.18-128.10AXS3, aligning with the Linux kernel vulnerability where execve does not properly clear current->clear_child_tid during thread creation/exit. This misbehavior can enable local users to ca...
CVE-2008-5021
The CVE-2008-5021 vulnerability affects Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13. It is caused by modifying properties of a file input element while it is still initializing, followed by using blur to access un...
CVE-2008-2812
CVE-2008-2812 affects the Linux kernel prior to 2.6.25.10, with NULL pointer dereferences in tty handling (notably in drivers/net/ such as hamradio, irda, ppp, slip, wan, and wireless components) potentially enabling local privilege escalation or a system crash. The issue arises from missing chec...
CVE-2007-6716
CVE-2007-6716 affects the Linux kernel before 2.6.23, where in the dio subsystem the file system’s direct-io path (fs/direct-io.c) may fail to zero out the dio struct. This can allow a local user to cause a denial of service (OOPS), as demonstrated by a fio test. The connected documents confirm t...
CVE-2005-1767
CVE-2005-1767 affects Linux kernels 2.4.x and 2.6.x; the vulnerability exists in traps.c stack fault handler, allowing a local user to cause a kernel crash (Denial of Service) via stack exceptions. Public advisories (Debian, Red Hat/CentOS, Ubuntu) indicate updated kernel packages mitigate the is...
CVE-2005-1763
CVE-2005-1763 describes a buffer overflow in the ptrace system call for 64-bit Linux kernels, enabling local users to write into kernel memory. The issue affects 64-bit architectures and is reported in multiple advisories. Public details confirm a local-exploit scenario with kernel memory impact ...
CVE-2005-1761
CVE-2005-1761 affects the Linux kernel 2.6 and 2.4 on IA-64. The issue allows local users to crash the kernel (denial of service) via the ptrace mechanism and the restore_sigcontext function. The vulnerability is a local privilege/impact scenario with a kernel crash, as indicated by the CVE mappi...
CVE-2006-0736
CVE-2006-0736 is a stack-based buffer overflow in the pam_micasa PAM authentication module of CASA, affecting Novell Linux Desktop 9 and Open Enterprise Server 1. The vulnerability allows remote code execution and could grant root access, via remote vectors. The SUSE advisory SUSE-SA:2006:010 con...
CVE-2005-1065
The vulnerability CVE-2005-1065 affects tetex in Novell Linux Desktop 9. An attacker with local access can determine the existence of arbitrary files via a symlink attack in /var/cache/fonts, enabling partial confidentiality impact without authentication. The common root cause is a symlink handli...
CVE-2005-1040
The CVE-2005-1040 entry concerns Novell Linux Desktop 9, specifically the netapplet component. It describes multiple unknown vulnerabilities that allow local users to gain root privileges, related to user input being passed to network scripts without verification. The connected Red Hat and NVD re...