Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-14 | CVE-2006-1530 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-13 | CVE-2006-1772 | Local Database Administrator Password Disclosure vulnerability in Debian Linux 3.1 debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password. | 7.2 |
2006-03-15 | CVE-2006-1244 | Multiple Unspecified vulnerability in XPDF Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. | 7.6 |
2005-11-30 | CVE-2005-3912 | Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the username parameter to the login form, which is ultimately used in a syslog call. | 7.5 |
2005-10-27 | CVE-2005-3323 | docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality. | 7.5 |
2005-08-05 | CVE-2005-1854 | Remote Command Execution vulnerability in Debian Apt-Cacher 0.9.4/0.9.9 Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. | 7.5 |
2005-07-26 | CVE-2005-1920 | Improper Preservation of Permissions vulnerability in multiple products The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | 7.5 |
2005-05-25 | CVE-2005-1151 | Unspecified vulnerability in Debian Qpopper 4.0.4/4.0.5 qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root. | 7.2 |
2005-05-19 | CVE-2005-0392 | Local Privilege Escalation vulnerability in PPXP ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands. | 7.2 |
2005-05-02 | CVE-2005-0211 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter. | 7.5 |