Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

13 matches found

CVE•added 2004/12/23 5:0 a.m.•85 views

CVE-2004-0803

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

7.5CVSS9.8AI score0.17883EPSS

CVE•added 2004/12/31 5:0 a.m.•74 views

CVE-2004-0904

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

10CVSS7.7AI score0.20716EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0497

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

2.1CVSS5.7AI score0.00293EPSS

CVE•added 2004/12/23 5:0 a.m.•67 views

CVE-2004-0685

Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.

4.6CVSS5.3AI score0.00149EPSS

CVE•added 2004/12/31 5:0 a.m.•66 views

CVE-2004-0817

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

7.5CVSS7.2AI score0.03598EPSS

CVE•added 2004/12/31 5:0 a.m.•62 views

CVE-2004-0802

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

5.1CVSS7.5AI score0.06287EPSS

CVE•added 2004/12/06 5:0 a.m.•57 views

CVE-2004-0607

The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.

10CVSS6.2AI score0.03036EPSS

CVE•added 2004/12/31 5:0 a.m.•54 views

CVE-2004-1139

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

5CVSS6.2AI score0.06148EPSS

CVE•added 2004/12/31 5:0 a.m.•53 views

CVE-2004-1142

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5CVSS6.2AI score0.08831EPSS

CVE•added 2004/12/06 5:0 a.m.•52 views

CVE-2004-0634

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

5CVSS6.1AI score0.10554EPSS

CVE•added 2004/12/06 5:0 a.m.•52 views

CVE-2004-0635

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

5CVSS6.2AI score0.08502EPSS

CVE•added 2004/12/31 5:0 a.m.•52 views

CVE-2004-1145

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary fi...

5CVSS6.8AI score0.06715EPSS

CVE•added 2004/12/06 5:0 a.m.•49 views

CVE-2004-0633

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

5CVSS6.3AI score0.37279EPSS