Vulnerabilities > Openbsd > Openbsd > 4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-04-25 | CVE-2007-2242 | Denial of Service vulnerability in IPv6 Protocol Type 0 Route Header The IPv6 protocol allows remote attackers to cause a denial of service via crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network amplification between two routers. | 7.8 |
2007-04-06 | CVE-2007-1352 | Local Integer Overflow vulnerability in X.Org LibXFont Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | 3.8 |
2007-04-06 | CVE-2007-1351 | Numeric Errors vulnerability in multiple products Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | 8.5 |
2007-03-10 | CVE-2007-1365 | Remote Buffer Overflow vulnerability in Openbsd 3.9/4.0 Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service. | 10.0 |
2007-01-18 | CVE-2007-0343 | Remote Denial Of Service vulnerability in OpenBSD ICMP6 Echo Request OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via certain IPv6 ICMP (aka ICMP6) echo request packets. | 5.0 |
2007-01-05 | CVE-2007-0085 | Local Security vulnerability in Openbsd 3.9/4.0 Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference. | 6.0 |
2006-11-29 | CVE-2006-6164 | Local Environment Variable Clearing vulnerability in Openbsd 3.9/4.0 The _dl_unsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LD_PRELOAD to loading processes, which might be leveraged to gain privileges. | 7.2 |
2006-10-26 | CVE-2006-5550 | Local Denial of Service vulnerability in FreeBSD Crypto The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | 4.9 |