Enterprise Linux@2.1 Security Vulnerabilities and Issues — Enterprise Linux@2.1 CVE List

Lucene search

RedhatEnterprise Linux2.1

21 matches found

CVE•added 2004/08/06 4:0 a.m.•126 views

CVE-2004-0495

Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

7.2CVSS6.5AI score0.00056EPSS

CVE•added 2004/08/06 4:0 a.m.•100 views

CVE-2004-0554

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

2.1CVSS5.9AI score0.00665EPSS

CVE•added 2004/12/23 5:0 a.m.•85 views

CVE-2004-0803

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

7.5CVSS9.8AI score0.17883EPSS

CVE•added 2004/08/18 4:0 a.m.•77 views

CVE-2004-0421

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

5CVSS7.1AI score0.02457EPSS

CVE•added 2004/12/31 5:0 a.m.•74 views

CVE-2004-0904

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

10CVSS7.7AI score0.20716EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0497

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

2.1CVSS5.7AI score0.00293EPSS

CVE•added 2004/09/24 4:0 a.m.•69 views

CVE-2004-0827

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

7.5CVSS7.5AI score0.03692EPSS

CVE•added 2004/12/31 5:0 a.m.•66 views

CVE-2004-0817

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

7.5CVSS7.2AI score0.03598EPSS

CVE•added 2004/12/31 5:0 a.m.•62 views

CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

5.1CVSS7.5AI score0.06287EPSS

CVE•added 2004/11/23 5:0 a.m.•57 views

CVE-2004-0494

Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.

7.5CVSS6.3AI score0.00855EPSS

CVE•added 2004/03/03 5:0 a.m.•56 views

CVE-2004-0104

Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.

7.5CVSS7.2AI score0.49809EPSS

CVE•added 2004/09/24 4:0 a.m.•56 views

CVE-2004-0905

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

4.6CVSS6.8AI score0.05741EPSS

CVE•added 2004/09/01 4:0 a.m.•55 views

CVE-2004-0111

gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.

5CVSS6AI score0.01347EPSS

CVE•added 2004/09/01 4:0 a.m.•54 views

CVE-2002-1323

Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.

4.6CVSS6.2AI score0.00082EPSS

CVE•added 2004/12/31 5:0 a.m.•54 views

CVE-2004-1139

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

5CVSS6.2AI score0.06148EPSS

CVE•added 2004/12/31 5:0 a.m.•53 views

CVE-2004-1142

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5CVSS6.2AI score0.08831EPSS

CVE•added 2004/12/06 5:0 a.m.•52 views

CVE-2004-0634

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

5CVSS6.1AI score0.10554EPSS

CVE•added 2004/12/06 5:0 a.m.•52 views

CVE-2004-0635

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

5CVSS6.2AI score0.08502EPSS

CVE•added 2004/12/31 5:0 a.m.•52 views

CVE-2004-1145

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary fi...

5CVSS6.8AI score0.06715EPSS

CVE•added 2004/03/03 5:0 a.m.•49 views

CVE-2004-0105

Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.

7.5CVSS7.2AI score0.15283EPSS

CVE•added 2004/12/06 5:0 a.m.•49 views

CVE-2004-0633

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

5CVSS6.3AI score0.37279EPSS