Slackware Linux@9.0 Security Vulnerabilities and Issues — Slackware Linux@9.0 CVE List

Lucene search

SlackwareSlackware Linux9.0

13 matches found

CVE•added 2005/02/09 5:0 a.m.•120 views

CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

7.8CVSS8AI score0.04161EPSS

CVE•added 2007/04/06 1:19 a.m.•87 views

CVE-2007-1352

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

3.8CVSS7.6AI score0.01775EPSS

CVE•added 2006/01/06 10:0 p.m.•79 views

CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

5CVSS6.3AI score0.07223EPSS

CVE•added 2006/01/06 10:0 p.m.•78 views

CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

5CVSS6.1AI score0.09167EPSS

CVE•added 2006/01/06 10:0 p.m.•75 views

CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

10CVSS6.2AI score0.11286EPSS

CVE•added 2004/08/18 4:0 a.m.•68 views

CVE-2004-0226

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

10CVSS7AI score0.01177EPSS

CVE•added 2005/01/27 5:0 a.m.•67 views

CVE-2004-0891

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer...

10CVSS8AI score0.05439EPSS

CVE•added 2003/12/15 5:0 a.m.•63 views

CVE-2003-0962

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

7.5CVSS7.8AI score0.40719EPSS

CVE•added 2004/01/05 5:0 a.m.•57 views

CVE-2003-0977

CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.

7.5CVSS7.4AI score0.01901EPSS

CVE•added 2004/08/18 4:0 a.m.•53 views

CVE-2004-0232

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

5CVSS7.1AI score0.01032EPSS

CVE•added 2003/06/16 4:0 a.m.•49 views

CVE-2003-0195

CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.

5CVSS6.2AI score0.16373EPSS

CVE•added 2004/08/18 4:0 a.m.•48 views

CVE-2004-0231

Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."

2.1CVSS6.4AI score0.00092EPSS

CVE•added 2003/05/23 4:0 a.m.•34 views

CVE-2003-0335

rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec.

7.5CVSS7AI score0.00489EPSS