Vulnerabilities > Mandrakesoft > Mandrake Linux

DATE CVE VULNERABILITY TITLE RISK

2005-03-14 CVE-2005-0473 Remote Denial of Service vulnerability in Gaim
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
network
low complexity
rob-flynn mandrakesoft redhat
5.0

2005-03-14 CVE-2005-0472 Remote Denial of Service vulnerability in Gaim
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
network
low complexity
rob-flynn mandrakesoft redhat
5.0

2005-03-02 CVE-2005-0605 Integer Overflow vulnerability in libXPM Bitmap_unit
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
7.5

2005-03-01 CVE-2004-1051
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
7.2

2005-03-01 CVE-2004-0983 Denial Of Service vulnerability in Yukihiro Matsumoto Ruby CGI Module
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
network
low complexity
yukihiro-matsumoto gentoo mandrakesoft ubuntu
5.0

2005-02-21 CVE-2005-0503
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.
local
low complexity
uim mandrakesoft
4.6

2005-02-09 CVE-2004-0975
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
local
low complexity
mandrakesoft openssl gentoo
2.1

2005-02-09 CVE-2004-0974
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
local
low complexity
netatalk mandrakesoft redhat
2.1

2005-02-09 CVE-2004-0937
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
7.5

2005-01-27 CVE-2004-0936
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
7.5