PaX
by PAX
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-0666 | 0.03 | — | 0.03 | May 2, 2005 | Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SEGMEXEC or RANDEXEC and VMA mirroring, allows local users and possibly remote attackers to bypass intended access restrictions and execute arbitrary code. | |||
| CVE-2004-1983 | 0.03 | — | 0.01 | May 2, 2004 | The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. | |||
| CVE-2015-1194 | 0.00 | — | 0.02 | Jan 21, 2015 | pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive. | |||
| CVE-2015-1193 | 0.00 | — | 0.02 | Jan 21, 2015 | Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive. |
- CVE-2005-0666May 2, 2005risk 0.03cvss —epss 0.03
Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SEGMEXEC or RANDEXEC and VMA mirroring, allows local users and possibly remote attackers to bypass intended access restrictions and execute arbitrary code.
- CVE-2004-1983May 2, 2004risk 0.03cvss —epss 0.01
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
- CVE-2015-1194Jan 21, 2015risk 0.00cvss —epss 0.02
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
- CVE-2015-1193Jan 21, 2015risk 0.00cvss —epss 0.02
Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.