Turbolinux Workstation
by Turbolinux
CVEs (20)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0694 | 0.08 | — | 0.60 | Oct 6, 2003 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||
| CVE-2003-0681 | 0.05 | — | 0.20 | Oct 6, 2003 | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | |||
| CVE-2005-3624 | 0.00 | — | 0.02 | Dec 31, 2005 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer… | |||
| CVE-2005-3626 | 0.00 | — | 0.03 | Dec 31, 2005 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. | |||
| CVE-2005-3625 | 0.00 | — | 0.04 | Dec 31, 2005 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka… | |||
| CVE-2005-0988 | 0.00 | — | 0.01 | May 2, 2005 | Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is… | |||
| CVE-2004-1005 | 0.00 | — | 0.02 | Apr 14, 2005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | |||
| CVE-2004-1174 | 0.00 | — | 0.01 | Apr 14, 2005 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." | |||
| CVE-2004-1004 | 0.00 | — | 0.02 | Apr 14, 2005 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | |||
| CVE-2004-1175 | 0.00 | — | 0.02 | Apr 14, 2005 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | |||
| CVE-2004-1090 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." | |||
| CVE-2004-1009 | 0.00 | — | 0.03 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||
| CVE-2004-1176 | 0.00 | — | 0.03 | Apr 14, 2005 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||
| CVE-2004-1091 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. | |||
| CVE-2004-1093 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." | |||
| CVE-2004-1092 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. | |||
| CVE-2004-0817 | 0.00 | — | 0.05 | Dec 31, 2004 | Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | |||
| CVE-2004-0802 | 0.00 | — | 0.03 | Dec 31, 2004 | Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | |||
| CVE-2004-1377 | 0.00 | — | 0.00 | Dec 27, 2004 | The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||
| CVE-2003-0370 | 0.00 | — | 0.02 | Jun 16, 2003 | Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. |
- CVE-2003-0694Oct 6, 2003risk 0.08cvss —epss 0.60
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
- CVE-2003-0681Oct 6, 2003risk 0.05cvss —epss 0.20
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
- CVE-2005-3624Dec 31, 2005risk 0.00cvss —epss 0.02
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer…
- CVE-2005-3626Dec 31, 2005risk 0.00cvss —epss 0.03
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
- CVE-2005-3625Dec 31, 2005risk 0.00cvss —epss 0.04
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka…
- CVE-2005-0988May 2, 2005risk 0.00cvss —epss 0.01
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is…
- CVE-2004-1005Apr 14, 2005risk 0.00cvss —epss 0.02
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
- CVE-2004-1174Apr 14, 2005risk 0.00cvss —epss 0.01
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
- CVE-2004-1004Apr 14, 2005risk 0.00cvss —epss 0.02
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
- CVE-2004-1175Apr 14, 2005risk 0.00cvss —epss 0.02
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
- CVE-2004-1090Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
- CVE-2004-1009Apr 14, 2005risk 0.00cvss —epss 0.03
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
- CVE-2004-1176Apr 14, 2005risk 0.00cvss —epss 0.03
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
- CVE-2004-1091Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
- CVE-2004-1093Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
- CVE-2004-1092Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
- CVE-2004-0817Dec 31, 2004risk 0.00cvss —epss 0.05
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
- CVE-2004-0802Dec 31, 2004risk 0.00cvss —epss 0.03
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
- CVE-2004-1377Dec 27, 2004risk 0.00cvss —epss 0.00
The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2003-0370Jun 16, 2003risk 0.00cvss —epss 0.02
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.