Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2004-12-31	CVE-2004-0817	BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. network low complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu	7.5
2004-12-31	CVE-2004-0802	BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. network high complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu	5.1
2004-12-23	CVE-2004-1337	The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. local low complexity gnu conectiva ubuntu	7.2
2004-12-21	CVE-2004-1307	Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. network low complexity avaya f5 libtiff sgi conectiva apple gentoo mandrakesoft sco sun	7.5
2004-12-15	CVE-2004-1145	Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. network low complexity ethereal-group sgi conectiva altlinux debian redhat suse	5.0
2004-12-06	CVE-2004-0626	The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. network low complexity conectiva gentoo linux suse	5.0
2004-12-06	CVE-2004-0497	Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. local low complexity mandrakesoft conectiva gentoo linux redhat suse trustix	2.1
2004-10-07	CVE-2005-0373	Remote And Local vulnerability in Cyrus SASL Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. network low complexity cyrus openpkg suse conectiva apple redhat	7.5
2004-09-16	CVE-2004-0827	Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. network low complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu	7.5
2004-09-16	CVE-2004-0801	Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands. network low complexity linuxprinting-org sun conectiva trustix	7.5