Vulnerabilities > Redhat > Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-04-16 | CVE-2007-2030 | Unspecified vulnerability in Redhat Enterprise Linux and Fedora Core lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. | 4.9 |
| 2007-03-27 | CVE-2006-7176 | Localhost.Localdomain Email Spoofing vulnerability in Sendmail 8.13.1.2 The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages. | 4.3 |
| 2007-03-20 | CVE-2007-0998 | Permissions, Privileges, and Access Controls vulnerability in XEN Qemu The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. | 4.3 |
| 2007-03-02 | CVE-2007-0001 | Local Denial of Service vulnerability in Redhat Enterprise Linux 4.0 The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped. local redhat | 4.7 |
| 2006-10-17 | CVE-2006-4342 | Improper Locking vulnerability in Redhat Enterprise Linux 3.0 The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to cause a denial of service (deadlock) by running the shmat function on an shm at the same time that shmctl is removing that shm (IPC_RMID), which prevents a spinlock from being unlocked. | 5.5 |
| 2006-08-23 | CVE-2006-2932 | Local Denial of Service vulnerability in Linux Kernel Non-Hugemem Support A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors. | 4.9 |
| 2006-07-27 | CVE-2006-2933 | kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. | 4.6 |
| 2005-12-31 | CVE-2005-3626 | Resource Management Errors vulnerability in multiple products Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-399 | 5.0 |
| 2005-12-31 | CVE-2005-3624 | Numeric Errors vulnerability in multiple products The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-189 | 5.0 |
| 2005-12-22 | CVE-2005-3631 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords. | 4.6 |