Enterprise Linux@4.0 Security Vulnerabilities and Issues — Enterprise Linux@4.0 CVE List

Lucene search

RedhatEnterprise Linux4.0

11 matches found

CVE•added 2007/04/06 1:19 a.m.•87 views

CVE-2007-1352

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

3.8CVSS7.6AI score0.01775EPSS

CVE•added 2007/04/06 1:19 a.m.•77 views

CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

8.5CVSS7.7AI score0.07488EPSS

CVE•added 2007/07/15 10:30 p.m.•66 views

CVE-2007-3103

The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.

6.2CVSS5.9AI score0.00078EPSS

CVE•added 2007/02/20 5:28 p.m.•64 views

CVE-2007-1007

Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.

10CVSS7.4AI score0.12342EPSS

CVE•added 2007/01/30 7:28 p.m.•62 views

CVE-2006-5753

Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

7.2CVSS5.9AI score0.00081EPSS

CVE•added 2007/03/02 9:18 p.m.•55 views

CVE-2007-0001

The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped.

4.7CVSS5.8AI score0.00198EPSS

CVE•added 2007/12/20 10:46 p.m.•55 views

CVE-2007-6285

The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special dev...

6.2CVSS6AI score0.00138EPSS

CVE•added 2007/11/30 2:46 a.m.•54 views

CVE-2007-5494

Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP.

4.9CVSS5.6AI score0.00043EPSS

CVE•added 2007/12/03 8:46 p.m.•53 views

CVE-2006-7226

Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of ...

4.3CVSS6.1AI score0.01528EPSS

CVE•added 2007/04/16 8:19 p.m.•47 views

CVE-2007-2030

lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.

4.9CVSS6.1AI score0.0011EPSS

CVE•added 2007/09/17 5:17 p.m.•46 views

CVE-2007-3379

Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.

2.1CVSS6.1AI score0.00057EPSS