Vulnerabilities > Mandrakesoft > Mandrake Linux Corporate Server > High

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-0817 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. 		7.5
7.5
2004-12-23 CVE-2004-0805 Remote Stereo Boundary Buffer Overflow vulnerability in MPG123
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.
network
low complexity
mpg123 mandrakesoft
7.5
7.5
2004-12-21 CVE-2004-1307 Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. 7.5
7.5
2004-12-06 CVE-2004-0496 Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
local
low complexity
mandrakesoft suse gentoo linux sun
7.2
7.2
2004-09-16 CVE-2004-0827 Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. 7.5
7.5
2003-07-24 CVE-2003-0434 Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
network
low complexity
adobe xpdf mandrakesoft redhat
7.5
7.5
2001-11-28 CVE-2001-1449 Remote Security vulnerability in Apache
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
network
low complexity
apache mandrakesoft
7.5
7.5
2001-07-18 CVE-2001-1030 Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
network
low complexity
caldera immunix mandrakesoft squid redhat trustix
7.5
7.5
2001-07-02 CVE-2001-0439 licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
network
low complexity
licq conectiva freebsd mandrakesoft redhat
7.5
7.5
2001-06-27 CVE-2001-0441 Buffer Overflow vulnerability in SLRN Long Header
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
network
low complexity
debian mandrakesoft redhat
7.5
7.5