Secure Linux@1.5 Security Vulnerabilities and Issues — Secure Linux@1.5 CVE List

Lucene search

TrustixSecure Linux1.5

8 matches found

CVE•added 2004/07/27 4:0 a.m.•104 views

CVE-2004-0595

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and fa...

6.8CVSS5.3AI score0.54875EPSS

CVE•added 2004/12/23 5:0 a.m.•85 views

CVE-2004-0803

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

7.5CVSS9.8AI score0.17883EPSS

CVE•added 2004/07/27 4:0 a.m.•83 views

CVE-2004-0600

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

10CVSS7.5AI score0.59614EPSS

CVE•added 2004/09/01 4:0 a.m.•79 views

CVE-2004-0077

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulne...

7.2CVSS6.2AI score0.0057EPSS

CVE•added 2004/08/06 4:0 a.m.•75 views

CVE-2004-0493

The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab charact...

6.4CVSS6.8AI score0.91151EPSS

CVE•added 2004/07/27 4:0 a.m.•71 views

CVE-2004-0594

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a Ha...

5.1CVSS7.4AI score0.86915EPSS

CVE•added 2004/07/27 4:0 a.m.•56 views

CVE-2004-0686

Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.

5CVSS6.3AI score0.15252EPSS

CVE•added 2004/09/01 4:0 a.m.•38 views

CVE-2002-1319

The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.

2.1CVSS6.2AI score0.00063EPSS