Vulnerabilities > Gnome
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-06 | CVE-2007-1266 | Unspecified vulnerability in Gnome Evolution Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. | 5.0 |
| 2007-01-24 | CVE-2007-0010 | Unspecified vulnerability in Gnome GTK The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file. | 2.1 |
| 2006-12-22 | CVE-2006-6698 | Denial of Service vulnerability in Gnome Gconf 2.14.0 The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files under directories with names based on the username, even when GCONF_GLOBAL_LOCKS is not set, which allows local users to cause a denial of service by creating the directories ahead of time, which prevents other users from using Gnome. local gnome | 1.9 |
| 2006-12-15 | CVE-2006-6105 | Local Format String vulnerability in GNOME Display Manager GDMChooser Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog. | 4.3 |
| 2006-06-16 | CVE-2006-3057 | Remote Denial of Service vulnerability in Dhcdbd 1.10/1.12 Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption. | 5.0 |
| 2006-06-09 | CVE-2006-2452 | Authentication Bypass vulnerability in GNOME Foundation GDM Configure Login Manager GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges. | 3.7 |
| 2006-06-02 | CVE-2006-2789 | Denial Of Service vulnerability in GNOME Evolution Email Attachment Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used. | 2.6 |
| 2006-04-25 | CVE-2006-1057 | Race Condition vulnerability in Gnome GDM 2.14 Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. | 3.7 |
| 2006-03-21 | CVE-2006-1335 | Denial-Of-Service vulnerability in Screensaver gnome screensaver before 2.14, when running on an X server with AllowDeactivateGrabs and AllowClosedownGrabs enabled, allows attackers with physical access to cause the screensaver to crash and access the session via the Ctl+Alt+Keypad-Multiply keyboard sequence, which removes the grab from gnome. | 3.7 |
| 2006-03-15 | CVE-2006-1244 | Multiple Unspecified vulnerability in XPDF Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. | 7.6 |