Vulnerabilities > Mandrakesoft > Mandrake Multi Network Firewall > High

DATE CVE VULNERABILITY TITLE RISK
2007-11-07 CVE-2007-5116 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. 		7.5
7.5
2007-04-06 CVE-2007-1351 Numeric Errors vulnerability in multiple products
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. 		8.5
8.5
2005-03-01 CVE-2004-1051 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. 7.2
7.2
2004-12-31 CVE-2004-2396 passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
local
low complexity
mandrakesoft
7.2
7.2
2004-12-06 CVE-2004-0496 Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
local
low complexity
mandrakesoft suse gentoo linux sun
7.2
7.2