Vulnerabilities > Redhat > Enterprise Linux Server EUS > 6.6

DATE CVE VULNERABILITY TITLE RISK
2020-01-31 CVE-2014-8141 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-31 CVE-2014-8140 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-31 CVE-2014-8139 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
local
low complexity
unzip-project redhat CWE-787
7.8
2020-01-14 CVE-2014-7844 Injection vulnerability in multiple products
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
local
low complexity
redhat debian bsd-mailx-project CWE-74
7.8
2017-08-07 CVE-2015-7704 Improper Input Validation vulnerability in multiple products
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
network
low complexity
ntp debian netapp redhat mcafee citrix CWE-20
7.5
2016-05-16 CVE-2015-4643 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
network
low complexity
php debian redhat oracle CWE-119
critical
9.8
2015-07-14 CVE-2015-5123 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.
network
low complexity
redhat suse opensuse adobe CWE-416
critical
9.8
2015-07-14 CVE-2015-5122 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
network
low complexity
adobe redhat suse opensuse CWE-416
critical
9.8