VYPR

Linux

by File Project

CVEs (135)

  • CVE-2004-0937Feb 9, 2005
    risk 0.04cvss epss 0.15

    Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being…

  • CVE-2004-0934Jan 27, 2005
    risk 0.04cvss epss 0.15

    Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

  • CVE-2004-0935Jan 27, 2005
    risk 0.04cvss epss 0.15

    Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

  • CVE-2004-0936Jan 27, 2005
    risk 0.04cvss epss 0.15

    RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

  • CVE-2004-1304Jan 10, 2005
    risk 0.04cvss epss 0.11

    Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.

  • CVE-2004-1161Jan 10, 2005
    risk 0.04cvss epss 0.07

    rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S.

  • CVE-2004-1096Jan 10, 2005
    risk 0.04cvss epss 0.17

    Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on…

  • CVE-2004-1471Dec 31, 2004
    risk 0.04cvss epss 0.08

    Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper…

  • CVE-2004-1491Dec 31, 2004
    risk 0.04cvss epss 0.13

    Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

  • CVE-2004-0633Dec 6, 2004
    risk 0.04cvss epss 0.18

    The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

  • CVE-2004-0416Aug 6, 2004
    risk 0.04cvss epss 0.13

    Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.

  • CVE-2004-0996Jan 10, 2005
    risk 0.03cvss epss 0.01

    main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2004-0497Dec 6, 2004
    risk 0.03cvss epss 0.01

    Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

  • CVE-2004-1737Aug 16, 2004
    risk 0.03cvss epss 0.03

    SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.

  • CVE-2004-0548Aug 6, 2004
    risk 0.03cvss epss 0.01

    Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.

  • CVE-2004-0554Aug 6, 2004
    risk 0.03cvss epss 0.01

    Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

  • CVE-2004-1983May 2, 2004
    risk 0.03cvss epss 0.01

    The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.

  • CVE-2004-0947Feb 9, 2005
    risk 0.01cvss epss 0.07

    Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.

  • CVE-2004-0888Jan 27, 2005
    risk 0.01cvss epss 0.09

    Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by…

  • CVE-2004-0918Jan 27, 2005
    risk 0.01cvss epss 0.16

    The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.

Page 2 of 7