Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0076 Unspecified vulnerability in Debian Linux 3.0
Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.
local
low complexity
debian
7.2
2005-05-02 CVE-2005-0005 Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
network
low complexity
graphicsmagick imagemagick sgi debian gentoo suse
7.5
2005-04-27 CVE-2005-0206 Integer Overflow vulnerability in Xpdf PDFTOPS
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
7.5
2005-04-14 CVE-2004-1176 Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. 7.5
2005-04-14 CVE-2004-1175 fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. 7.5
2005-04-14 CVE-2004-1005 Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. 7.5
2005-04-14 CVE-2004-1004 Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. 7.5
2005-03-01 CVE-2004-1051 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. 7.2
2005-03-01 CVE-2004-0986 Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
network
low complexity
suse debian linux redhat
7.5
2005-02-25 CVE-2005-0107 Unspecified vulnerability in Debian Bsmtpd 2.3
bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands.
network
low complexity
debian
7.5