Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-02-09 | CVE-2004-0970 | Insecure Temporary File Creation vulnerability in GNU Gzip 1.2.4A The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. | 2.1 |
| 2005-02-09 | CVE-2004-0969 | The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | 2.1 |
| 2005-02-09 | CVE-2004-0968 | The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | 2.1 |
| 2005-02-09 | CVE-2004-0967 | Link Following vulnerability in Aladdin Enterprises Ghostscript The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. | 7.2 |
| 2005-02-09 | CVE-2004-0966 | Insecure Temporary File Creation vulnerability in GNU GetText The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | 2.1 |
| 2005-02-09 | CVE-2004-0965 | Local Privilege Escalation vulnerability in HP-UX STMKFONT stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. | 7.2 |
| 2005-02-09 | CVE-2004-0964 | Remote Buffer Overflow vulnerability in Zinf Malformed Playlist File Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file. | 10.0 |
| 2005-02-09 | CVE-2004-0963 | Unspecified vulnerability in Microsoft Word 2002 Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values. | 10.0 |
| 2005-02-09 | CVE-2004-0962 | Unspecified vulnerability in Apple Remote Desktop 2.0.0 Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching. | 10.0 |
| 2005-02-09 | CVE-2004-0961 | Attribute Decoding Denial Of Service vulnerability in FreeRADIUS Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes. | 5.0 |