7 matches found
CVE-2004-0940
CVE-2004-0940 is a confirmed vulnerability: a buffer overflow in mod_include.get_tag() affects Apache 1.3.x up to 1.3.32, allowing local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. The impact is ...
CVE-2007-1352
The CVE-2007-1352 issue is an integer overflow in the FontFileInitTable function of X.Org libXfont before 20070403. The vulnerability allows remote authenticated users to cause a heap overflow by placing a long first line in the fonts.dir file, potentially enabling arbitrary code execution. Affec...
CVE-2004-0881
CVE-2004-0881 affects getmail up to 4.2.0 (and other versions before 3.2.5). When run as root, getmail could overwrite arbitrary files via a symlink attack on maildir subdirectories, enabling local, privilege-escalating impact. Public advisories from Debian (DSA-553) and Slackware note a root com...
CVE-2004-0891
GAIM is affected by CVE-2004-0891: a buffer overflow in the MSN protocol handler (MSNSLP) for gaim versions 0.79 through 1.0.1, caused by an unbounded copy that writes to the wrong buffer during processing of an unexpected MSNSLP sequence. This can cause remote denial of service (crash) and poten...
CVE-2003-0962
CVE-2003-0962 is a heap-based/buffer overflow in rsync versions prior to 2.5.7 when run in server mode. The vulnerability could allow a remote attacker to execute arbitrary code on the rsync server, potentially while in a chroot jail. The issue affects servers listening on port 873. Advisories fr...
CVE-2004-0424
CVE-2004-0424 involves an integer overflow in the Linux kernel’s ip_setsockopt handling of the MCAST_MSFILTER socket option. Affected ranges are Linux kernel 2.4.22–2.4.25 and 2.6.1–2.6.3. The vulnerability allows local users to cause a crash (denial of service) or potentially execute arbitrary c...
CVE-2004-0880
CVE-2004-0880 affects getmail 4.x up to version before 4.2.0. When run with root privileges, local users can exploit a symlink attack on an mbox file to overwrite arbitrary files. The risk is described as a local, likely low-severity issue with partial integrity impact; exploitation details are n...