Vulnerabilities > Debian > Critical

DATE CVE VULNERABILITY TITLE RISK
2006-08-31 CVE-2006-4482 Out-of-bounds Write vulnerability in multiple products
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990.
network
php canonical debian CWE-787
critical
9.3
2005-12-31 CVE-2005-3625 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
10.0
2005-10-17 CVE-2005-3120 Incorrect Calculation of Buffer Size vulnerability in multiple products
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
network
low complexity
invisible-island debian CWE-131
critical
9.8
2005-07-18 CVE-2005-1689 Double Free vulnerability in multiple products
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
network
low complexity
mit apple debian CWE-415
critical
9.8
2005-05-11 CVE-2005-1513 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
network
low complexity
qmail-project canonical debian CWE-190
critical
9.8
2005-03-01 CVE-2004-1052 Buffer Overflow vulnerability in BNC getnickuserhost IRC Server Response
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
network
low complexity
bnc debian gentoo
critical
10.0
2005-02-09 CVE-2004-0981 Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
network
low complexity
imagemagick debian gentoo suse
critical
10.0
2005-02-09 CVE-2004-0980 Remote Format String vulnerability in EZ-IPupdate
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
network
low complexity
angus-mackay debian gentoo
critical
10.0
2005-02-09 CVE-2004-0964 Remote Buffer Overflow vulnerability in Zinf Malformed Playlist File
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
network
low complexity
zinf debian
critical
10.0
2005-01-27 CVE-2004-0889 Integer Overflow vulnerability in Xpdf PDFTOPS
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
10.0