Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2007-06-26 CVE-2007-2798 Out-Of-Bounds Write vulnerability in multiple products
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
network
low complexity
mit canonical debian CWE-787
critical
9.0
2007-06-26 CVE-2007-2443 Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
low complexity
mit debian canonical
8.3
2007-06-26 CVE-2007-3409 Uncontrolled Recursion vulnerability in multiple products
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
network
low complexity
net-dns debian canonical CWE-674
7.5
2007-06-11 CVE-2007-2875 Numeric Errors vulnerability in Linux Kernel
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.
local
low complexity
linux debian canonical CWE-189
2.1
2007-05-16 CVE-2007-2691 MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. 4.9
2007-05-14 CVE-2007-2444 Improper Privilege Management vulnerability in multiple products
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.
local
low complexity
samba debian canonical CWE-269
7.2
2007-05-10 CVE-2007-2583 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
network
low complexity
oracle debian canonical
4.0
2007-05-09 CVE-2007-1864 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
network
low complexity
php debian canonical redhat CWE-119
7.5
2007-04-24 CVE-2007-2138 Permissions, Privileges, and Access Controls vulnerability in multiple products
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings."
6.0
2007-04-06 CVE-2007-1887 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
network
low complexity
php canonical debian CWE-120
7.5