High

DATE	CVE	VULNERABILITY TITLE	RISK
2005-05-02	CVE-2005-0076	Unspecified vulnerability in Debian Linux 3.0 Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. local low complexity debian	7.2
2005-05-02	CVE-2005-0005	Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. network low complexity graphicsmagick imagemagick sgi debian gentoo suse	7.5
2005-04-27	CVE-2005-0206	Integer Overflow vulnerability in Xpdf PDFTOPS The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. network low complexity ascii cstex easy-software-products gnome kde pdftohtml sgi tetex xpdf debian gentoo mandrakesoft redhat suse ubuntu	7.5
2005-04-14	CVE-2004-1176	Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1175	fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1005	Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1004	Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-03-01	CVE-2004-1051	sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. local low complexity mandrakesoft todd-miller debian trustix ubuntu	7.2
2005-03-01	CVE-2004-0986	Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. network low complexity suse debian linux redhat	7.5
2005-02-25	CVE-2005-0107	Unspecified vulnerability in Debian Bsmtpd 2.3 bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands. network low complexity debian	7.5