Vulnerabilities > Fedoraproject > Fedora > 17

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-01	CVE-2013-0159	Link Following vulnerability in Fedoraproject Fedora 17/18 The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. local low complexity fedoraproject CWE-59	7.1
2016-03-30	CVE-2015-8837	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file. local low complexity fuseiso-project debian fedoraproject CWE-119	7.3
2016-03-30	CVE-2015-8836	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow. local low complexity fedoraproject fuseiso-project CWE-119	7.3
2013-02-13	CVE-2012-3363	XXE vulnerability in multiple products Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML external entity (XXE) injection attack. network low complexity zend fedoraproject debian CWE-611 critical	9.1
2013-01-18	CVE-2012-5656	XXE vulnerability in multiple products The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. local low complexity inkscape fedoraproject canonical opensuse CWE-611	5.5
2012-06-17	CVE-2012-0037	XXE vulnerability in multiple products Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. network low complexity librdf libreoffice apache fedoraproject redhat debian CWE-611	6.5