VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Mandrakesoft
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2005-02-09
CVE-2004-0937
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
network
low complexity
archive-zip
broadcom
ca
eset-software
kaspersky-lab
mcafee
rav-antivirus
sophos
gentoo
mandrakesoft
suse
7.5
7.5
2005-01-27
CVE-2004-0936
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
network
low complexity
archive-zip
broadcom
ca
eset-software
kaspersky-lab
mcafee
rav-antivirus
sophos
gentoo
mandrakesoft
suse
7.5
7.5
2005-01-27
CVE-2004-0935
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
network
low complexity
archive-zip
broadcom
ca
eset-software
kaspersky-lab
mcafee
rav-antivirus
sophos
gentoo
mandrakesoft
suse
7.5
7.5
2005-01-27
CVE-2004-0934
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
network
low complexity
archive-zip
broadcom
ca
eset-software
kaspersky-lab
mcafee
rav-antivirus
sophos
gentoo
mandrakesoft
suse
7.5
7.5
2005-01-27
CVE-2004-0933
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
network
low complexity
archive-zip
broadcom
ca
eset-software
kaspersky-lab
mcafee
rav-antivirus
sophos
gentoo
mandrakesoft
suse
7.5
7.5
2005-01-27
CVE-2004-0932
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
network
low complexity
archive-zip
broadcom
ca
eset-software
kaspersky-lab
mcafee
rav-antivirus
sophos
gentoo
mandrakesoft
suse
7.5
7.5
2005-01-27
CVE-2004-0886
Buffer Overflow vulnerability in LibTIFF
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
network
low complexity
libtiff
pdflib
wxgtk2
apple
kde
mandrakesoft
redhat
suse
trustix
5.0
5.0
2005-01-10
CVE-2004-1188
The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.
network
low complexity
mplayer
xine
mandrakesoft
critical
10.0
10
2005-01-10
CVE-2004-1187
Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
network
low complexity
mplayer
xine
mandrakesoft
critical
10.0
10
2005-01-10
CVE-2004-1171
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.
local
low complexity
kde
mandrakesoft
redhat
2.1
2.1
«
Previous
1
2
3
4
(current)
5
6
...
13
14
»
Next