Suse Linux Security Vulnerabilities and Issues — Suse Linux CVE List

Lucene search

SuseSuse Linux

10 matches found

CVE•added 2005/02/09 5:0 a.m.•120 views

CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

7.8CVSS8AI score0.04161EPSS

CVE•added 2005/02/13 5:0 a.m.•65 views

CVE-2004-0866

Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

7.5CVSS6.9AI score0.03541EPSS

CVE•added 2005/02/07 5:0 a.m.•64 views

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

2.1CVSS7AI score0.00386EPSS

CVE•added 2005/02/13 5:0 a.m.•63 views

CVE-2005-0373

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

7.5CVSS7.4AI score0.04758EPSS

CVE•added 2005/02/09 5:0 a.m.•62 views

CVE-2004-0981

Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.

10CVSS7.3AI score0.07221EPSS

CVE•added 2005/02/09 5:0 a.m.•60 views

CVE-2004-0947

Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.

10CVSS7.6AI score0.12786EPSS

CVE•added 2005/02/09 5:0 a.m.•60 views

CVE-2004-0957

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

6.8CVSS5.9AI score0.00386EPSS

CVE•added 2005/02/17 5:0 a.m.•56 views

CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

5CVSS7.5AI score0.2586EPSS

CVE•added 2005/02/09 5:0 a.m.•51 views

CVE-2004-0937

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target syst...

7.5CVSS6.4AI score0.132EPSS

CVE•added 2005/02/13 5:0 a.m.•46 views

CVE-2004-1476

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.

5.1CVSS7.6AI score0.02053EPSS