Vulnerabilities > Openbsd > Openbsd > 3.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-04-06 | CVE-2007-1352 | Local Integer Overflow vulnerability in X.Org LibXFont Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | 3.8 |
| 2007-04-06 | CVE-2007-1351 | Numeric Errors vulnerability in multiple products Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | 8.5 |
| 2007-03-10 | CVE-2007-1365 | Remote Buffer Overflow vulnerability in Openbsd 3.9/4.0 Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service. | 10.0 |
| 2007-01-18 | CVE-2007-0343 | Remote Denial Of Service vulnerability in OpenBSD ICMP6 Echo Request OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. | 5.0 |
| 2007-01-05 | CVE-2007-0085 | Local Security vulnerability in Openbsd 3.9/4.0 Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference. | 6.0 |
| 2006-11-29 | CVE-2006-6164 | Local Environment Variable Clearing vulnerability in Openbsd 3.9/4.0 The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges. | 7.2 |
| 2006-10-10 | CVE-2006-5218 | Local Integer Overflow vulnerability in OpenBSD Systrace STRIOCREPLACE Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl. | 4.6 |
| 2006-08-29 | CVE-2006-4436 | Unspecified vulnerability in Openbsd 3.8/3.9 isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection. | 5.0 |
| 2006-08-29 | CVE-2006-4435 | Denial Of Service vulnerability in Openbsd 3.8/3.9 OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default. | 4.9 |
| 2006-08-24 | CVE-2006-4304 | Buffer Overflow vulnerability in NetBSD In-Kernel PPP Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 20060823, and OpenBSD 3.8 and 3.9 before 20060902 allows remote attackers to cause a denial of service (panic), obtain sensitive information, and possibly execute arbitrary code via crafted Link Control Protocol (LCP) packets with an option length that exceeds the overall length, which triggers the overflow in (1) pppoe and (2) ippp. | 10.0 |