Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0080 | Remote Security vulnerability in Ubuntu Linux The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. | 5.0 |
2005-05-02 | CVE-2005-0079 | Local Buffer Overflow vulnerability in Xtrlock 2.0 Buffer overflow in xtrlock 2.0 allows local users to cause a denial of service (application crash) and hijack the desktop session. | 4.6 |
2005-05-02 | CVE-2005-0078 | The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. | 4.6 |
2005-05-02 | CVE-2005-0077 | Insecure Temporary File Creation vulnerability in Libdbi-perl The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | 2.1 |
2005-05-02 | CVE-2005-0076 | Unspecified vulnerability in Debian Linux 3.0 Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. | 7.2 |
2005-05-02 | CVE-2005-0073 | Unspecified vulnerability in Debian Sympa 3.3.3 Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code. | 4.6 |
2005-05-02 | CVE-2005-0071 | Remote File Access vulnerability in VDR Daemon vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files. | 5.0 |
2005-05-02 | CVE-2005-0070 | Local File Disclosure vulnerability in Synaesthesia Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files. | 7.2 |
2005-05-02 | CVE-2005-0065 | Remote Denial Of Service vulnerability in Multiple Vendor TCP/IP Implementation ICMP The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. | 10.0 |
2005-05-02 | CVE-2005-0064 | Unspecified vulnerability in Xpdf Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value. | 7.5 |