CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

CVE-2007-1352

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

CVE-2004-0881

getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.

CVE-2004-0891

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer...

CVE-2003-0962

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

CVE-2004-0880

getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.

CVE-2004-0424

Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.